Ann-Marie recently joined us as our new Director of Technology, Innovation and Change. She has a wealth of cross-sector experience, working most recently in the retail sector. Here at Yorkshire Housing, Ann-Marie is leading the direction of our digital transformation and oversees our cyber security efforts.
For individuals, businesses, and nations alike, cyber security is a top priority. As a result of the pandemic and more recently the situation in Ukraine, the risk of a cyber attack is high across all sectors, and housing is no exception. In 2020, a quarter of UK social housing organisations were hit by cyber attacks.
Although every housing association has its own unique challenges when it comes to IT, collectively we all share the same cyber security threats and we’ve seen an increasing number of housing associations being targeted. We’re all at risk and as cyber attacks become more advanced, it’s unfortunately a matter of when rather than if an attack takes place. That’s why it’s more important than ever to work together and share our learnings to collectively fight against cyber criminals. It’s also why our approach needs to plan for how we respond to an attack rather than believing we can indefinitely avoid this happening.
According to our IT security partner NCC Group, cyber attacks almost doubled in 2021, rising 92.7% year-on-year. This is unsurprising when you consider our increased reliance on digital. Like many businesses when Covid-19 hit, we accelerated moving our services online and therefore expanded our digital footprint. With our Hub, Home and Roam approach our colleagues benefit from agile working arrangements and our customer transactions increasingly happen via digital channels.
As housing associations move towards cloud-connected systems and storing data online, an even greater consideration must be given to cyber security and investment must be increased to reflect this. Every tech-savvy housing organisation should have security by design positioned firmly in their digital transformation plans. This means choosing
the right technology to ensure resilience and security controls are at the core of our IT architecture.
Every housing association is different but there are steps we can all take to protect ourselves against cyber attacks. Essential elements are understanding the top IT priorities, areas of vulnerability, and what’s of value to a potential attacker. This information is key to helping build a robust IT infrastructure that’s moulded to an individual organisation’s unique set-up and needs. It will also help prioritise and manage cyber security risks. Today, risk management needs to go beyond compliance. Any housing association that’s serious about protecting their data will have cyber security integrated into their risk management process.
It’s important to remember that the responsibility of cyber security goes beyond our IT teams. A company-wide effort is needed. To make this happen requires a positive cyber security culture. That means hiring the right people with the right skills, providing top-quality IT training, and making sure senior leaders lead by example. We all need to work together, stay vigilant, and take the right actions if we notice something suspicious to protect our customers and our business. Outside the business, we also need to plan ahead with suppliers, contractors, and partners to mitigate risks posed by supply chain attacks.
At Yorkshire Housing, data protection has always been a top priority for us. Our customers trust us to keep their personal information safe. To make sure that we can continue to do so, we keep a constant focus on our cyber security efforts.
We’ve developed a robust IT strategy and continue to adapt it to the ever-changing digital landscape. Rather than drawing up solutions to traditional office problems, our business continuity planning is now focused around protecting our cyber security. We partner with NCC Group, a global expert in cyber security, to ensure that we stay on top of the latest developments and ahead of cyber criminals.
In 2022, having robust strategies, plans and solutions in place to prepare your organisation for a cyber attack isn’t just a nice to have, it’s a vital need. Cyber security will remain a high-risk threat for years to come. When organisations feel most vulnerable, this is an opportunity to share our learnings. We need to cover all bases, have a clear plan for what to do when things do go wrong and implement suitable defences. In doing so, we can be confident in the fact that we’ve put the right systems in place so that when a cyber attack happens, the repercussions will not be catastrophic to our organisations.