'Significant' cybersecurity pressures on UK businesses

92% of UK businesses have experienced a cyberattack in the last 12 months, with over two-thirds (72%) successfully breached at least once.

  • 3 years ago Posted in

UK businesses are struggling to deal with multiple urgent cybersecurity challenges, new research by Keeper Security has revealed. The 2021 Cybersecurity Census Report shows cyberattacks are becoming more vicious, frequent and sophisticated, while UK businesses are underprepared and too slow to counter these attacks. As a result, senior leaders within UK organisations are preoccupied with playing a cyberattack blame game instead of investing in boosting their defences.

 

The report has found that more than nine in ten (92%) UK business suffered a cyberattack in the last 12 months and three quarters (78%) feel unprepared to deal with this threat. Nearly a third (31%) believe CTOs should take the blame in the case of a successful cyberattack. Such a weight of responsibility means cybersecurity standards are dropping: 36% of senior IT leaders confess to having kept a cyberattack to themselves, while 32% admit to using weak credentials such as ‘password’ or ‘admin’ to protect their data. 

 

“UK businesses are clearly worried about their cybersecurity and, as our report has found, the challenges are manifold, affecting everything from budgets to productivity,” said Darren Guccione, CEO & co-founder, Keeper Security. “While there is a desire to boost security efforts, companies are facing many competing challenges right now and, understandably, might not always make cybersecurity investments a priority. Our report is an urgent reminder for organisations to proactively address their cybersecurity challenges as a priority since deferring them will make the consequences far more severe.”

 

Key findings include:

Almost all (92%) UK organisations are aware of gaps or weak links in their cybersecurity defences are, but less than half (40%) are actively addressing all of them

Two-thirds (66%) of UK organisations have relaxed their cybersecurity policies over the past 12 months so staff can work remotely or in order not to stifle productivity

58% of IT professionals feel employees at their organisations do not understand the full consequences of poor cyber-hygiene

61% of UK companies have a skills shortage in cybersecurity 

The financial fallout of cyberattacks has been damaging, too, costing nearly one in ten (8%) UK businesses over £1 million 

An overwhelming 87% of IT leaders support the creation of a nationwide governing body to hold businesses to account when it comes to best online security practices 

And almost all (91%) are in agreement that UK businesses should be legally required to have basic cybersecurity protections in place to be allowed to operate

 

“Companies are struggling to put the right solutions in place to cope with cyberattacks and the consequences are both damaging and costly,” said Craig Lurey, CTO and co-founder, Keeper Security. “The conditions caused by Covid-19 have led to an increased amount of hybrid working, making effective cybersecurity defences even harder to achieve. But if businesses want to bounce back fully after the pandemic, they must get their security hygiene in order without delay.”

 

Despite the rise in cyberattacks and increasing pressures felt by security teams, more than a quarter of UK companies (28%) do not consider IT to be even in their top three priorities as they plan for the next 12 months. This is particularly worrying, given almost all (92%) UK organisations know where the gaps or weak links in their cybersecurity defences are but well under half (40%) are actively addressing them.

 

Guccione concludes: “While this situation can't be rectified overnight, there are straightforward steps UK businesses can take to boost their cyber defences. First, organisations should do a comprehensive cybersecurity audit, looking at where the gaps lie and how they can be addressed. Next, they need to put in place a clear plan of action for how to address these challenges. Running cybersecurity training sessions to educate employees and introducing a password management platform to keep credentials safe and secure are two simple, yet highly effective actions business can take today, to be better prepared against cyberattacks tomorrow.” 


Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...