British Cyber Security Spending Is Rising

Uploaded on 2021-03-15 in TECHNOLOGY--Resilience, FREE TO VIEW

Two thirds of British based organisations will increase their cyber security budgets in 2021, despite the financial problems arising from the Covid-19 pandemic, according to a survey of cyber security decision-makers. 

This is because of the likely increase in cyber attacks in 2021, according to new research from NCC GroupTheir Report reveals that just 7% of respondents from public and private sector organisations anticipate overall budgetary cuts, suggesting a widespread determination to maintain cyber security spending amid an increasingly complex threat landscape.

However, 27% reported cuts to cyber security budgets in 2020, and three in 10 reported delays or cancellations to cyber security projects. The average UK cyber security budget is around $900,000, compared to an average of $1.46 million globally, according to Hiscox. 

The government has been urged to pump more money into cyber defences after new research revealed that more than 1m small businesses would collapse if they were targeted by hackers.A poll of more than 500 business leaders found nearly a quarter of UK SMEs, equivalent to 1.3m companies, were likely to go bust if they were forced to deal with the average cost of a cyber attack. Furthermore, a survey of 290 senior cybersecurity  professionals suggests that many security teams are actually downsizing because of the Coronavirus pandemic, which has simultaneously increased their workload

Only about thirty percent of UK organisations have done a cyber risk assessment in the last 12 months, according to the UK Government's report into cyber security breaches.

  • With Covid-19 being exploited by cyber criminals and forcing hasty migrations to remote working, 40% of organisations have frozen new cyber security  recruitment.
  • While 29% made redundancies, and 20% have furloughed staff.
  • 30% have experienced delays or cancellations to their cyber resilience projects.
  • 27% have reported actual cuts to their cyber security budgets. 

The data also suggests that these measures could have negatively affected cyber security resilience:

  • 70% of organisations that cut budgets, made redundancies or delayed or canceled their cyber projects reported an increase in cyber attacks. 

This operational shift also exposed concerns about the impact of people on cyber resilience:

  • Of the 39% that reported an increase in insider threats, 51% believed that an increase in remote working was the cause. 
  • Over 60% of decision makers claimed that they would increase the total amount spent on cyber security this year, with ‘making security improvements’ the highest priority area for investment.
  • 30% of UK business say they lost clients after a data breach and that nearly 40% of US organisations lost business because of security issues.
  • 66% of those polled said they planned to plug the gap with outsourcing in 2021, 50% of whom cited recruitment and retention as a key motive amid the world’s cyber skills shortages.

The NCC Group survey finds that those organisations that cut budgets or the size of their teams were more likely to suffered cyber attacks in general, while many respondents blamed home working for rises in insider threats and phishing and ransomware attacks. 

The proportion of those polled who considered their employer ‘very resilient’ fell from nearly half to 38% year on year.

  •  90% expressed confidence that they could promptly diagnose and remediate the root cause of a potential data breach and alert authorities within 72 hours, in comliance with  General Data Protection Regulations (GDPR) 
  • 49% of organisations scanned their network perimeter frequently.
  • 50% say that it is taking a week or more to patch vulnerabilities, while only 21% said all network-connected devices were regularly patched.
  • Understanding the threat landscape (70%) and securing funding (68%) were seen as the two biggest challenges currently facing organisations.

Decision-makers were far from bullish about surmounting these hurdles: 

  •  71% admitted to being ‘not confident’ about improving their organisation’s cybersecurity preparedness. 
  •  90% admitted to struggling to evaluate the costs and benefits of cyber security measures.
  •  31% agreed that benchmarking security activities was an effective solution.
  • 18% of UK organisations say that they don’t know how many cyber attacks they suffered in 2020.

Security incidents are costing organisations more than ever and 79% of UK companies have suffered down-time because of them. 

Growth within the cyber security sector has been driven considerably within the last two years by the introduction of the GDPR and enhanced business understanding of the risks and potential consequences of failing to store data securely.  New initiatives such as the NCSC sponsored Cyber Essentials programme have increased demand for cyber security advisory support across the UK economy.

These measures can only lead to better ways of maintaining effective cyber security and a more widespead recognition of its central place in doing business securely. 
 

NCC Group:      GovUK:       PWC:        CSO:     City AM:     Portswigger:      Image: Unsplash

You Might Also Read: 

Cyber Security: Take  Action:

If you would like more advice and recommendations about how you can improve your business cyber security, please contact Cyber Security Intelligence.

 

 

« European Banking Authority Attacked
Ethical Hackers Are Getting Rich »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Checkmarx

Checkmarx

Checkmarx provides state-of-the-art application security solutions with static code analysis software.

8MAN

8MAN

8MAN is a leading Access Rights Management (ARM) solution in Microsoft and virtual server environments.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

MedCrypt

MedCrypt

MedCrypt are a team of medical device experts focused on bringing modern cybersecurity features to the next generation of healthcare technology.

Asia Data Destruction (ADD)

Asia Data Destruction (ADD)

ADD is the leading IT Assets Disposal and Data Destruction Company in Thailand.

u-blox

u-blox

u-blox deliver leading wireless technology to reliably and securely locate and connect people and devices.

Energia Ventures

Energia Ventures

Energia Ventures is a three-month intensive accelerator for entrepreneurs with an innovative business in the energy, smart grid, cleantech, and cybersecurity sectors.

Lewis Brisbois

Lewis Brisbois

Lewis Brisbois offers legal practice in more than 40 specialties, and a multitude of sub-specialties including Data Privacy & Cybersecurity.

Varen Technologies

Varen Technologies

Varen Technologies is an innovative consulting partner with highly respected cyber security, analytics, Agile Software Development and IT/maintenance expertise.

Searchlight Cyber

Searchlight Cyber

Searchlight Cyber is a leading darknet intelligence company. Working with law enforcement, industry, and end users to help protect society against the threats of the darknet.

LimaCharlie

LimaCharlie

LimaCharlie gives security teams full control over how they manage their security infrastructure. Get full visibility, build what you want, control your data, get the security capabilities you need.

Positka FSI Pte Ltd

Positka FSI Pte Ltd

Positka, being a Splunk Singapore partner, provides Splunk & Phantom Services, Cybersecurity & Risk Management, Analytics & Big Data, Lean Process Optimization, and Managed Security Services.

Cybecs Security Solutions

Cybecs Security Solutions

Cybecs was founded to address rapid technological advancement, changing business models, global privacy regulations, and increasing cyber threats for global organizations.

Cool Waters Cyber

Cool Waters Cyber

Cool Waters Cyber manage cyber security governance, risk and compliance.

Invictus International Consulting

Invictus International Consulting

Invictus International Consulting are a recognized leader in full-spectrum cyber technology solutions designed to protect the security of our nation's global defense and critical infrastructure.

Network Coverage

Network Coverage

Network Coverage align, maintain, and integrate technology and cloud solutions with business operations to improve productivity and security with as few issues and disruptions as possible.