top of page

Employees pose the biggest risk to business when it comes to cybercrime

People are the number one weakest link in an organisation when it comes to cybercrime and will be a primary target for criminals in 2023 through increasingly sophisticated phishing attacks, according to The Cyber Resilience Centre for Wales (WCRC).

The centre, which has now reached over 1,000 members after launching less than two years ago, is issuing its biggest predictions yet for next year and its Director, Detective Superintendent, Paul Peters says that raising awareness among businesses is crucial to reduce the risk of an attack being successful.

Paul comments: “Our members and partners we are speaking are all seeing an increase the number of sophisticated attacks in particular phishing attacks. And not only that, but there is also now a growing emergence of Welsh language phishing emails as cybercriminals try their best to infiltrate regional businesses.

“Phishing is where the attacker uses a form of communication, such as an email, and represents themselves as a reputable organization, in order to induce individuals to reveal personal information which can lead to account compromise, data breaches and malware infection. And this of course relies on the victim being unsuspecting of such an attack, so this is where being armed with the right knowledge and awareness is critical to keeping these risks at bay.”

Ransomware also shows no sign of easing up and will remain a significant threat. Attackers are increasingly stealing the data as well as encrypting it to increase the pressure for payment of the ransom. Yet, on a more positive note, more and more organisations are recognising the importance of supply chain cyber security and this will likely continue, especially as there will be more attacks through supply chains in the coming months.

This is certainly clear by the number of businesses the WCRC has signed up to date. Paul continues: “We now have more than 1,000 registered Welsh companies that have chosen to join WCRC’s membership community. We are increasingly finding businesses are taking a greater interest in not just their own security but their supply chain as well, all of which contributes to wider awareness. Yet there are still many more SMEs out there that need assistance, but this is an incredible achievement so early in the centre’s journey.”

The WCRC’s membership offer and services provide cyber security support and guidance ensuring business owners and their employees have the right processes in place and have the knowledge to recognise a targeted threat.

For more information on the Cyber Resilience Centre for Wales, its services and membership options, please visit To keep updated with all the latest WCRC developments follow the centre on Twitter, LinkedIn and Facebook.


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for Wales is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for Wales provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

The Cyber Resilience Centre for Wales does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for Wales is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page