Cybersecurity Series: Identifying Cybersecurity Breaches


Cybersecurity issues, when reported in the press, are often accompanied by some alarming figures:

  • the NHS’ cancellation of thousands of appointments and operations in the wake of a ransomware attack;
  • the loss of millions of customers personal information in data breaches;
  • impacts on productivity and process (again due to ransomware) resulting in hundreds of millions of pounds of lost revenue;
  • and Action Fraud’s estimation that the UK lost around £11 billion in 2015/16 due to cybercrime… a figure that has continued to risk year on year, as more cybercrime is reported.

It’s easy, when faced with problems of this scale, for individuals and the organisations they represent to feel powerless, to think that their actions will have no impact. However, reducing cyber security risk is often about large numbers of individuals making small technical or behavioural changes, rather than an expensive technical magic wand.

This is particularly important when it comes to reactive cyber security measures. Most organisations have come to the realisation that, with the volume of attacks sustained each day, a cybersecurity breach is likely to happen at some point.

The ability to survive a breach with an acceptable level of impact is often about time. It’s really tempting, especially if your system is still working and no customers are complaining, to just assume that everything is OK. However, by reasoning this way the company is only measuring the availability of a service when monitoring cybersecurity.

The majority of companies are including GDPR in their consideration of cybersecurity risk, which means that in addition to the availability of their systems they should also be monitoring the confidentiality of the data they hold and its integrity. For organisations whose cybersecurity processes are still relatively lightweight, monitoring through a security operations centre may be out of reach, but by encouraging employees to report and investigate problems more proactively it may still be possible to identify breaches in time to reduce their impact.

We’ve produced an article discussing the importance of detecting breaches as early as possible in the download here.


Clayden Law has teamed up with technical expert, Emma Osborn. and over the next few months we will provide some back-to-basics analysis of the technical, legal and data protection issues surrounding cybersecurity, aimed at organisations’ non-technical decision-makers. Together, we’ll be highlighting key cybersecurity and data privacy fundamentals and looking at the interplay between law and practice in this area. For more information, click here