The name cyber security itself can be off-putting, even a little scary. The words seem to imply it is only for specially qualified, very technical professionals and not for others because it is just too complicated. This is not the case!

The National Cyber Security Centre puts it well – that cyber security is about “protecting the devices we all use (smartphones, laptops, tablets and computers), and the services we access – both online and at work – from theft or damage”.

For organisations (including small/medium organisationslarge organisations and those from the public sector) good cyber security consists of taking action to reduce the risk of cyber attacks. This means safeguarding the confidentiality and privacy and the availability and integrity of data. This is vital for ensuring the quality and safety of care and support.

Implications for care providers

Security breaches can happen when we use paper records, send faxes and even verbally. However, the consequences of security breaches with digital information are potentially far more severe. This is because substantial amounts of information can be distributed more easily and to a far wider audience.

The impact of a cyber breach or attack can be significant and costly. This can include

  • financial losses due to theft from bank accounts, fake requests for payments, including ransonware demands
  • the time lost through having to fix your website or systems
  • the potential loss of customers
  • damage to your reputation
  • other potential consequences of a hacker getting their hands on your data.

For example, one care provider came under a series attack – employee rosters were deleted affecting care arrangements across several service locations. Passwords to senior managers’ emails and service users’ digital records were changed and the company’s website was removed.

A former staff member told us: “I cannot express the emotional stress this caused. It felt like we were watching a burglary on CCTV without any power to intervene. Email accounts literally disappeared mid-email. It felt like being in a Hollywood film about it. As soon as we made a fix on one area something else went down or became disrupted.”

According to the Department for Digital, Culture, Media and Sport’s Cyber Security Breaches Survey 2021, four in ten businesses (39%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%)

Among these organisations, the most common types of breaches or attacks are:















In October 2020, UK charities reported being victims of fraud or cybercrime 645 times since the start of the Covid-19 pandemic with £3.6 million in total losses.

How to respond to an attack

This is why cyber security is a high priority for business and why all staff must be aware of how to implement protective measures and know what steps to take if a cyber incident takes place.

Learn more about cyber security here.