British Businesses Must Do More To Protect Themselves

Uploaded on 2024-04-22 in NEWS-Cybersecurity News, FREE TO VIEW

Cyber attacks are increasing, but businesses aren’t helping themselves as half of those in Britain  suffered a cyber attack or security breach in the last 12 months . Indeed, the situation is so bad that the UK Government’s Cyber Security Report 2023, has been criticised for not highlighting how small businesses are failing to respond to the risks of cyber attacks.

The annual Cyber Security Breaches Survey is a research study for UK cyber resilience, aligning with the the National Cyber Strategy.  It is primarily used to inform government policy on cyber security, making the UK cyberspace a secure place to do business.

The study explores the policies, processes and approach to cyber security, for businesses, charities and educational institutions. It also considers the different cyber attacks and cyber crimes these organisations face, as well as how these organisations are impacted and respond,” says the Report.

Dealing With Breaches & Attacks

The Report explores how well businesses and charities deal with breaches or attacks, including identification, response, reporting and adaptation to prevent future cases. In the survey, questions on this topic were  framed in terms of the most disruptive breach or attack an organisation had faced in the last 12 months.

The results of reported in a key section of the report is based on ony the 50% of business and 32% of charities that identified breaches or attacks  rather than the full sample, consequently, the sector and subgroup anaylsis is unliklely to present a full picture. 

Even so, the survey results seem to demonstrate just how poorly British businesses - especially small businesses - are responding to the  challenge of preventing, detecting or responding to data breaches

One section of the survey focuses on how businesses respond to incidents, finding that only a few businesses report a breachand that more than a third (39%) said that no action was taken in response to their most disruptive breach in the last 12 months.
 
Commenting on these finding  Andy Kays, CEO of cyber security firm Socura, who deliver managed services to some of the UK’s biggest brands and  several NHS trusts, “It is incredibly disappointing to see such disregard for cyber security among the UK’s small business community. Despite years of warnings from experts, countless data breach headlines, and increased regulatory action, this issue still isn’t on their radar... Only a fraction of UK businesses have any kind of formalised incident response plan.. Businesses will always have a plan in case of a fire, but will not apply the same due care for a data breach, which is statistically much more likely."

According to Kays,  most businesses’ experience with cyber incidents is limited to phishing attempts, and their default response is to conduct security awareness training if they do anything at all.

“In the event of a breach, businesses are not keeping records, not informing the police or regulators, not assessing the scale and impact of the incident. They are failing to do the bare minimum. It’s also important to note that businesses are doing very little to prevent or detect breaches in the first place." Kays says.

Furthemore, the estimated financial cost of a data breachof just over £1,200 per incident seems low compared to other sources. “We know that large enterprise businesses can lose millions in the event of a data breach due to the disruption, reputational impact and share price drop. The ICO can also impose serious fines to businesses that fall foul of GDPR.” Kays said.

UK Government     |     Socura     |     Tech Radar

Image: Ideogram

You Might Also Read: 

Key Security Risks For Small Businesses:

DIRECTORY OF SUPPLIERS - Incident Response:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Hackers Using YouTube To Deliver Malware
Iranian Hackers Attack US Water Supplies »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Janusnet

Janusnet

Janusnet develops software and solutions for organisations to enforce and manage data security.

Council of Europe - Cybercrime Programme Office (C-PROC)

Council of Europe - Cybercrime Programme Office (C-PROC)

The Cybercrime Programme Office of the Council of Europe is responsible for assisting countries worldwide in strengthening their legal systems capacity to respond to cybercrime

Acalvio Technologies

Acalvio Technologies

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.

Stealthbits Technologies

Stealthbits Technologies

Stealthbits Technologies is a cybersecurity software company focused on protecting an organization's sensitive data and the credentials attackers use to steal that data.

ATIA

ATIA

ATIA provides consulting services in the design and implementation of IT system, Information Security, ISO certification, and professional IT training and education.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

AppOmni

AppOmni

AppOmni is the only SaaS CSPM solution that gives teams all the tools they need to be successful – from security posture management to monitoring and detection to continuous compliance.

AnaVation

AnaVation

AnaVation is a trusted partner delivering high-value, cost-effective solutions that solve the most complex technical and analytical problems for our customers.

Fortiedge

Fortiedge

Fortiedge is an IT Security solution provider specializing in Cyber Security practices and solutions for our clients.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

AdvIntel

AdvIntel

AdvIntel is a next-generation threat prevention and loss prevention company launched by a team of certified investigators, reverse engineers, and security experts.

US Department of State - Bureau of Cyberspace & Digital Policy

US Department of State - Bureau of Cyberspace & Digital Policy

The Bureau of Cyberspace and Digital Policy leads and coordinates the Department’s work on cyberspace and digital diplomacy to encourage responsible state behavior in cyberspace.

nodeQ

nodeQ

At nodeQ, we are pioneering the future of computer networks, leveraging our deep expertise in quantum communication, artificial intelligence, and software-defined networking.

Adaptiva

Adaptiva

Adaptiva, the autonomous endpoint management company, delivers the fastest way to patch and manage endpoints at scale.

Computer Futures

Computer Futures

Computer Futures are a global specialist IT recruitment partner, matching candidates with roles across niche IT markets and core technologies.

Axiotrop

Axiotrop

AXIOTROP is a Cybersecurity firm offering leading services in assessment, remediation, and validation to protect the confidentiality, integrity, and availability of regulated information.

enQase

enQase

enQase offers security beyond PQC; the only comprehensive, scalable solution that utilizes enhanced quantum technologies to protect data against current and future quantum threats.

Bluecyber Insurance

Bluecyber Insurance

At Bluecyber, we are revolutionizing the cyber insurance market, democratizing access to digital protection for small and medium-sized businesses.