Cyber Security – how businesses are faring
The Government and industry leaders in Cyber Security want to make the country the safest place to do business in the digital world. Today, cyber threats pose one of the biggest dangers to the economy and businesses are being urged to take action to protect themselves.
Annual Cyber Security Survey
The annual Cyber Security Survey conducted in 2015 on behalf of the UK Government by consultancy firm PwC, draws a startling picture of the threat businesses large and small are facing. The top line results of the survey showed nearly 700 businesses, 50% of which were SMEs.
Rising security breaches
In the last year, 90% of large organisations and 74% of small businesses experienced a security breach. An increase from 81% and 60% respectively on the year before. 59% of organisations which responded to the survey expect additional security issues in the coming year.
The survey showed that larger corporations are prone to more frequent and more severe breaches, but smaller businesses are also increasingly susceptible to malicious security breaches too.
Additionally, although the average number of breaches individual smaller businesses suffered dropped from six breaches down to four, the combined number of breaches has increased. This shows that cyber attackers are spreading their assaults to find more unprepared businesses, with these typically being smaller companies.
The cost of a security breach
Even though small businesses don’t experience as severe or frequent breaches, the breaches they do experience can have a much harsher impact on the business’ bottom line. For small businesses the survey revealed that most serious breach cost between £75k and £311k. The larger an organisation is, the greater the risk of a breach and the higher the associated cost becomes.
Cyber-attacks can also have a severe impact on a company’s reputation. For smaller businesses the survey showed a significant increase in adverse media coverage.
Emerging cyber defense trends
Almost every type of business experiences some form of a security breach, the majority of which have the potential to do untold harm. Positively, over recent years, businesses have shifted their focus to protecting their business and information precious to them by recognising that a cyberattack is now more likely to happen than not.
The survey revealed that smaller organisations reported a 44% increase in cyber security spend over the previous year. However, it also reported that very few businesses had implemented the UK Government’s Cyber Essentials scheme (see following article for more on this) with over half having no current plans to deploy it – probably due to a lack of awareness of its existence.
Among many businesses, there has been a growing trend in outsourcing a portion of their security functions to protect customer information and organisational reputation, including through the use of cloud computing and storage.
Knowledge is security
For businesses that are not knowledgeable about cyber security, it unfortunately often takes a detrimental security breach to recognise the risks involved. Based on the responses to the survey, most business only take appropriate actions to properly secure their IT systems, customer information and organisational reputation after they have incurred some form of attack.
The largest change (50% of affected businesses) was an increase in cyber security training for staff, followed closely by changes to configurations of existing systems (47%) and to company policies and procedures (39%).
For businesses that want to defend against a cyber-attack, staff must be properly trained in cyber security to understand the risks, be equipped to identify them and take appropriate action. Protect your business from the growing menace of cyber-attacks, by putting in place the correct systems and configurations, together with clear policies.