UK businesses still failing to address cyber security, research claims

PwC study shows that UK firms are still not making enough effort to address security threats

Despite the ever-growing threat of cyber attacks, new research has shown that businesses in the UK are failing to effectively prepare themselves for an attack.

A study conducted by PwC showed that almost half of UK organisations lack a dedicated inter-departmental team working on business-wide security issues, and more than 15% do not conduct any cyber security drills or preparations.

On top of this, businesses are still failing to place adequate importance on cyber threat intelligence. Almost a third of respondents admitted that they have no idea how many cyber attacks they suffered in the past year, and one-third said that they had no idea how the attacks they they fell victim to were carried out.

"Cyber attacks could happen to any organisation at any time,"said PwC cyber security partner Richard Horne, "so it's important that all businesses and public sector organisations are getting the basics right and continually testing their approach to prepare themselves in the right way. In that critical moment when an attack hits, the ability to act quickly and effectively is key to minimising business disruption and reputational harm."

For UK companies, the biggest risk comes from their own employees, with more than a quarter of attacks using staff members as an initial attack vector. This is compared to the rest of the world, where compromised mobile devices present the most common threat.

While the average monetary cost of a breach actually fell this year, the study showed that exfiltration of records and information is increasingly the aim of breaches. Compromisation of customer and employee records were reported by more than 20% of businesses, and more than 20% reported the loss or damage of internal records.

Encouragingly, more than 60% of organisations surveyed said that they have an overall security strategy. However, less than 40% said that their boards do not actively participate in their strategy, lagging 10% behind their global counterparts.

"Cyber security needs to be viewed as a 'team sport' rather than just an issue for the IT team,"Horne said. "To be most effective, everyone in an organisation should be considering the security implications of their actions. Pulling a business together like that requires strong leadership from the top."

"Working with others across the public and private sector is key too. Forging close working collaborations and sharing intelligence is often the best way to tackle the latest threats. New forms of attack require new ways of working to defend our society."

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

IT security awareness and training firm KnowBe4 acquires MediaPRO
Acquisition

IT security awareness and training firm KnowBe4 acquires MediaPRO

3 Mar 2021
High-risk email security threats increased by 32% last year
phishing

High-risk email security threats increased by 32% last year

3 Mar 2021
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

3 Mar 2021
Microsoft Exchange targeted by China-linked hackers
zero-day exploit

Microsoft Exchange targeted by China-linked hackers

3 Mar 2021

Most Popular

How to build a CMS with React and Google Sheets
content management system (CMS)

How to build a CMS with React and Google Sheets

24 Feb 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
National Grid plots £450 million overhaul of Britain’s fibre network
Network & Internet

National Grid plots £450 million overhaul of Britain’s fibre network

2 Mar 2021