
Think we’re safe from cyberattacks? Think again

Organisations are now judged not on whether cybercrime incidents happen, but how effectively they respond, writes Goher Mohammad, head of information security at L&Q


When I began work that morning last July, I had no idea what the day would have in store for me. Soon, news reached my desk: L&Q’s chief executive, Fiona Fletcher-Smith, had been targeted in a ‘vishing’ attack.

For those unfamiliar, vishing (voice phishing) is a type of fraud where criminals use voice calls to manipulate people into revealing sensitive or private information. This time, the scammers went further, using AI to clone Fiona’s voice and send convincing messages to colleagues on their personal phones.

In this scenario, we were fortunate. A colleague quickly recognised the attempt for what it was, allowing us to investigate. No unauthorised access occurred, and the incident wasn’t part of a wider data breach or attack.

But as cyber threats grow more sophisticated, and AI advances at speed, we cannot assume that’ll always be the case. What was once science fiction is now reality. Deepfakes and AI-driven attacks reminiscent of Mission Impossible are becoming an unsettling new norm.

Over the past year, some of the UK’s most high-profile institutions have been targeted. No entity is too large or too small, and nearly every industry has been affected.

Being completely immune is almost impossible. There’s no perfect prevention manual and no start or end point to cyber risk. The best we can do is minimise impact by putting strong response plans in place and learning from every incident.

Residents trust us with their personal data, and we have a responsibility to keep that information secure. So, now that the dust has settled, what have we learned?

Cyber preparedness is a capability that must be practised. Organisations that navigate incidents most effectively are those that have rehearsed them. They know who needs to act, which systems must be prioritised and how to keep critical services running. Clear communication flows and tested recovery plans ensure that when an incident strikes, your organisation knows what to do.

Know your networks. Housing providers are particularly exposed. Social landlords manage huge amounts of personal and financial data, making our systems highly attractive targets. Digitisation and increased connectedness have only amplified that risk. Colleagues now interact, access resources and receive technology support across a growing range of platforms, channels and remote tools.

The lesson? Every organisation needs a clear understanding of the networks and systems that matter most. Ask yourself: what can we not operate without?

That includes identifying the greatest vulnerabilities, strengthening protection around them and agreeing on how you will function if they are compromised. Crucially, it also means involving InfoSec teams in procurement decisions, even when it seems we have no direct role.

Humans are at the heart of cyber resilience. The threat wasn’t an advanced piece of malware engineered by a highly skilled hacker. It was a voice note. ‘Vishing’ works by creating urgency, familiarity, and trust. It preys on human instinct, and catches unsuspecting people off guard when they’re simply trying to be helpful.

Yet awareness also turns potential victims into our strongest line of defence. Employees are central to cyber resilience. They’re the ones who spot unusual activity and raise the alarm when something feels wrong.

Our recent Cyber Security Awareness Week brought this to life. Through hands-on sessions and real-world examples, colleagues saw how quickly a scam can escalate, and how much difference one informed person can make.

Being cyber safe is a collective responsibility. In the world of cybercrime, attackers and defenders have long been locked in an arms race. Criminals exploit a weakness, victims patch the gap and the cycle repeats itself.

It’s a familiar dynamic, except the state of play is anything but static. Automation and AI-powered techniques are accelerating threat evolution, making it harder for organisations to keep pace. Attackers are designing more convincing scams, while defenders scramble to anticipate their next move.

Staying vigilant means preparing for today’s attacks while anticipating tomorrow’s. The most effective strategy combines forward-thinking planning with continual education.

That’s where Information Exchange Groups come in. By talking about incidents and lessons learned, organisations help raise the bar for everyone. Resilience involves openness, and that only works if we are willing to be honest about our own experiences.

This is why we set up the Social Housing Collective Intelligence Forum. It brings together members to share knowledge, exchange information, and discuss real-world challenges.

It has proved powerful, giving others a ‘heads up’ that has helped prevent attacks. Although we’re in competition with one another, we’re also seeing rival companies join forces to reduce risk. We can all learn from one another, and we all share the same goal: stopping the criminals.

When an attack is a matter of ‘when’ rather than ‘if’, preparation becomes essential to reducing its impact. Organisations are now judged not on whether incidents happen, but how effectively they respond.

In this environment, preparedness, awareness, education and collaboration are our best tools. By sharing our responses openly, we’ll turn today’s lessons into tomorrow’s resilience.

And remember, if you receive a message, audio or video that feels unusual or out of place: take a minute to pause and verify. That moment of caution could be the difference between a major incident and business as usual.

Goher Mohammad, head of information security, L&Q

