More than £1.8bn has been lost to fraud and cybercrime in London over the last year, according to the UK’s National Fraud Intelligence Bureau, making the capital and its 1.038 million businesses one of the ecosystems most at risk of digital crime in the country.
This threat is particularly daunting for small and medium-sized businesses (SMBs), which are increasingly targeted by cyber-attackers and often do not have the same capacity and budget – and sometimes awareness – as bigger enterprises to strengthen their cyber resilience. Around 250,000 London-based SMBs suffered at least one attack or breach in 2021, accounting for 35% of all small and micro businesses in the British capital.
To help them improve their cybersecurity posture, the Greater London Authority launched the Cyber Resilience Centre (CRC) for London on October 25, 2022. This not-for-profit organization is the latest branch of the National Cyber Resilience Centre Group (NCRCG), a network of nine police-run independent cybersecurity centers across England and Wales, partly funded by the UK’s Home Office, set up two years ago to help strengthen the reach of the National Cyber Crime Programme.
Operational since April, the London CRC was officially announced by Sophie Linden, Deputy Mayor for Policing & crime from London’s City Hall.
Free Membership
The center will involve “a small core team of permanent staff helped by volunteers and students from the Cyber PATH program [open to students in full-time higher education who want to help UK businesses defend against cybercrime],” Simon Newman, CEO of the London CRC, added, and will work with London’s Met Police, the City of London Police and the British Transport Police to help SMBs in London reduce their vulnerability to the most common types of cybercrime.
While the center is yet to announce a base Newman said the team “will be mostly on the road.” He hopes they can “establish three or four offices spread across the capital that we can use so that we are not too centrally focused.”
Businesses will be able to sign up for a free London CRC membership online, with access to a number of contents, including safety advice, how-to videos, self-help toolkits for businesses, a monthly newsletter with hints and tips on improving cyber resilience, monthly cyber threat reports from the National Cyber Security Centre (NCSC) – with which the center has signed a memorandum of understanding – as well as regular guidance from the Met Police and the City of London Police’s dedicated teams.
More to Come
The London CRC is not just a database of cybersecurity tips. Over the next three years, the center aims to help support around 20,000 London businesses improve their cyber resilience. CRC members can contact the CRC team for any urgent questions or work with them to receive training for their staff, get Cyber Essential and Cyber Essentials Plus certifications or even start their journey to join London’s Safer Business Network.
“We will also provide online webinars and organize in-person conferences, breakfast meetings and other types of business talks,” Newman stated. Some of this content will be included in the center’s Community Outreach program, “where we go out with uniformed police officers and visit business owners at their place of work,” he described.
With the launch of the London CRC, Linden announced that the Mayor of London is investing £200,000 in this program.
Additionally, the CRC offers several subscription packages which provide access to additional support, such as cybersecurity awareness sessions for wider staff and one-to-one support.
Starting With the Basics
The London CRC is “the final piece of the jigsaw” after the first of the nine NCRCG branches, the Business Resilience Centre for the North-East, was launched in 2019, Angela McLaren, City of London Police Commissioner, told an audience at City Hall on October 25.
The NCRCG model was “based on the Scottish Business Resilience Centre, which has been running for over 26 years now and has been very successful,” explained Newman. “The idea was to bring that south of the border and replicate it on a regional basis.”
“With the highest number of businesses in the country, the task of the London CRC is in some ways more complicated. But in other ways, we also have the highest geographical concentration of businesses and excellent joint-up work between police forces, businesses and academia, which will make our work easier,” he added.
The London CRC has already set up a first-year plan with one topic per month that will be focused on the basics, “what every business should have as an absolute minimum without spending a penny and with which 98% of all cybercrimes can be prevented – things such as two-factor authentication (2FA), password policy, automatic updates, staff training and so on,” Newman stated.
“We will then address more technical controls from our second year of existence,” he concluded.