The Information Commissioner’s Office has called for organisations to step up their cyber security measures and improve the protection around the personal information they hold. The ICO said cyber attacks were a growing threat and that more than 3,000 cyber breaches were reported to the ICO in 2023, with the finance (22%), retail (18%) and education (11%) sectors reporting the most incidents.

Stephen Bonner, deputy commissioner of regulatory supervision at the ICO, said: “People need to feel confident that organisations are doing as much as they possibly can to keep their personal information secure. While cyber attacks are growing more sophisticated, we find that many organisations are not responding accordingly and are still neglecting the very foundations of cyber security.

“As the data protection regulator, we want to support and empower organisations to get this right. While there is no single solution to prevent cyber attacks, there is absolutely no excuse for not having the foundational controls in place. These are essential to protecting people’s personal information and we will take action, including fines, against organisations that are still not taking simple steps to secure their systems.”

---