January 2026 members’ meeting minutes summary

• The President welcomed members and guests, confirmed the agenda, and thanked attendees for their time and contributions.

• Purpose of meeting: To educate local businesses on current cyber threats, prevention strategies, and the free support services available through Leicestershire Police and national cyber security agencies.

Speakers: DC 2959 Aaron Horn, Cybercrime Unit, Leicestershire Police
Slides: To educate local businesses on cyber threats, prevention measures, and free support

Key Takeaways

Multi-Factor Authentication (MFA) is a critical first line of defence and should be enabled on all business systems to prevent email compromise and financial fraud. Ransomware attacks are becoming more advanced, with organised groups stealing data and threatening to release it publicly to force payment. Businesses must use immutable backups to ensure data cannot be altered or deleted by attackers, enabling safe recovery. Free support is available from Leicestershire Police, including staff training, cyber awareness sessions, and fully funded technical audits to help businesses strengthen their cyber security such as:

• Multi-Factor Authentication (MFA) is Essential – MFA is the single most effective defence against Business Email Compromise (BEC), which is one of the most common causes of financial fraud. All business accounts, particularly Microsoft 365, Google Workspace, banking, and mobile provider accounts, should have MFA enabled.
• Ransomware is Increasingly Sophisticated – Cybercriminal groups now operate as organised cartels. They steal sensitive data before encrypting systems and threaten to release it publicly if payment is not made, increasing pressure on victims.
• Backups Must Be Immutable – Standard backups such as NAS drives or cloud storage can be deleted or encrypted by attackers. Immutable backup solutions ensure data cannot be altered or destroyed, allowing businesses to recover safely.
• Free Cyber Security Support is Available – Leicestershire Police offer free cyber awareness training, tabletop exercises, and the CyberPath programme, which provides fully funded technical audits conducted by trained cyber security students

Current Cyber Threat Landscape

• Businesses face increasing cyber threats, including Business Email Compromise (BEC), ransomware, and SIM swapping.
• Criminals may impersonate senior staff to request fraudulent payments, encrypt and threaten to release sensitive data, or take control of phone numbers to bypass security measures.
• To reduce risk, organisations should implement multi-factor authentication (MFA), use immutable backup solutions, strengthen access controls, and introduce secondary verification processes for financial transactions.

Emerging Threats

• Cybercriminals are increasingly using sophisticated methods to commit fraud and gain access to organisations.
• Highly realistic fake documents, such as bank statements and payslips, can now be easily purchased online, making traditional verification methods less reliable.
• In response, industries like mortgage and financial services are adopting more secure verification processes.
• At the same time, identity fraud is evolving with the use of AI-generated identities and deepfake technology.
• Criminals can impersonate job applicants or individuals during online interactions, allowing them to infiltrate organisations, access sensitive systems, and commit further fraud.
• These developments highlight the need for stronger identity verification and increased vigilance during recruitment and financial processes.

Police Support and Reporting Structure

• Businesses should report cybercrime incidents through the official Report Fraud service (formerly Action Fraud), which is the UK’s national reporting centre.
• For urgent situations, businesses are advised to contact the Leicestershire Police Cybercrime Unit directly for faster support and response.
• Cyber threats are monitored and investigated through a coordinated national structure, including the National Cyber Security Centre (NCSC), which protects UK infrastructure, the National Crime Agency (NCA), which tackles serious and organised cybercrime, and the Regional Organised Crime Unit (ROCU), which manages regional enforcement and investigations.