National Cybersecurity Failings: How Businesses Can Improve Their Security

Uploaded on 2021-09-14 in TECHNOLOGY--Resilience, INTELLIGENCE--Europe, FREE TO VIEW

The European Cybersecurity Index produced by ESET was published recently, revealing the best and worst European countries for cybersecurity. Despite the United Kingdom scoring highly for cybersecurity in the past, the Index placed the UK 17 out of 24, making the country the 8th worst for cybersecurity across Europe.

The result is surprising as the same Index showed that the UK has the highest commitment to cybersecurity out of the 24 countries analysed.

Businesses have been left wondering what they can do to improve their cybersecurity and protect themselves from threats.

Factors In The Index

The European Cybersecurity Index analysed 24 countries in Europe on a number of different factors, scoring the countries for each factor to create an overall total. The factors were:

  • Percentage of victims of malicious software, social network or email hacking, online banking fraud, identity theft, with percentages of victims over the last three years taken from the Europeans’ Attitudes Towards Cyber Security.
  • Cybersecurity legislation, utilising the Cyber Regulation Index to identify seven categories for legislation and to rank the countries based on their total number in those categories

The UK’s Commitment To Cybersecurity

One of the factors the European Cybersecurity Index used to rank countries was their commitment to cybersecurity. The Index took into account several factors to collate these scores, from national cybersecurity strategies to awareness campaigns and professional training.

The UK scored the highest, with a commitment score of 0.931. The lowest was Greece with a score of 0.527. Yet despite this commitment, the UK was placed 17th overall, while Greece came in 4th.

A commitment to cybersecurity is not enough for countries to score highly on the European Cybersecurity Index. The UK scored the lowest for exposure rank, suggesting a higher risk of exposure to cybersecurity threats. With this and other factors taken into account, including bank fraud, identity theft, and social network hacking, the UK placed 8th worst in Europe for cybersecurity.

Businesses can improve their cybersecurity by learning from other countries in the ranking.

How Other Countries Ranked

Greece - lowest scores of banking fraud:   Greece placed 4th overall in the ESET Index and has been recognised as one of the best countries in Europe for banking fraud prevention. Just 1% of Greek citizens experienced banking fraud within the last three years.

While banking fraud can occur as the result of phishing emails and scams, UK businesses need to focus on reducing the risk of breaches and improving their security posture for extra security. An effective method to achieve this is through the use of Artificial Intelligence (AI) based tools. 

There are numerous ways in which AI can be used, but AI network protection can help in-house teams effectively manage cybersecurity threats and breaches. AI-based systems deliver up-to-date knowledge of global industry threats, predicting potential threats and breaches and guiding decision making within your organisation.

With a self-configuring network powered by AI, any vulnerabilities can be dealt with efficiently through self-patching. AI, machine learning, and deep learning can be used together to not only make real-time predictions on risks and potential threats but to resolve software bugs that could lead to vulnerabilities.

Germany - highest number of cybersecurity legislation:   While Germany placed 12th overall in the ESET Index, the country notably scored highest for the number of cybersecurity legislation in place. The country values IT security and is recognised for prioritising cybersecurity skills.

German universities are considered to be some of the best in Western Europe for their focus on cybersecurity, embedding it within other subjects, and with the significant skills shortage in the IT industry at present, it is vital that businesses around the world focus on addressing those skill gaps. IT is vital to every business, and without effective training in place, businesses will find a greater number of cybersecurity threats to address.

Skills training in cybersecurity is essential to every single industry. The transition from office-based work to remote-working for many businesses means that there are more vulnerabilities to address, and effectively training the workforce is the best way to prepare employees against threats.

The training can cover different subjects, from phishing email awareness, cybersecurity compliance, and emerging technologies. Cybersecurity training is not exclusive to those wishing to enter the industry. It is essential training for all to undertake, from low-level employees to C-suite executives, and is the most effective way to protect your data.

Portugal - the most cyber-secure country in Europe:   Portugal is the most cyber safe country in Europe, according to the European Cybersecurity Index. They scored the lowest out of all 24 countries for the number of victims of malicious software, social media and email hacking, and identity theft.

UK businesses can improve their cybersecurity by using Portugal as an example of best practice.

Many social media platforms are adding additional layers of security, such as dual-factor authentication to stop unauthorised log-ins. Online workspaces have followed suit, and utilising it can prevent cybersecurity threats and hacking attempts. Businesses should be encouraging their staff to use dual-factor authentication where possible.

Another valuable way to protect valuable data and identity information is to decentralise IT systems. The current skill gap in the industry makes it challenging to upskill in-house cybersecurity teams to address all of the vulnerabilities. This can lead to challenges in response times to threats.

Outsourcing certain areas of operations can address skill gaps and focus internal resources on key areas of operation. Trusted partners can ensure the security of outsourced areas. By decentralising cybersecurity in your business, you are reducing the risk of a vulnerability allowing access to the entire system. It greatly reduces the number of systems that can be accessed, providing thorough security and allowing internal teams the opportunity to respond quickly to risks.

Commit To Cybersecurity In Your Business

The UK’s ranking for commitment to cybersecurity does not match up with the country’s overall ranking in the European Cybersecurity Index. The Index shows the countries with better responses to cybersecurity issues, giving businesses an indication of the steps they can take to integrate cybersecurity solutions across all levels of operation. 

When the UK has the greatest exposure to cyber threats across Europe, businesses must take the steps to protect themselves. More thorough training, the implementation of AI networks, and a greater understanding of risk can go a long way to improve organisational cybersecurity. 

About the Author: Hayley Kershaw writes for AdvanceFirst Technologies, a the leading EDI specialists with a global presence and a commitment to helping businesses thrive.

You Might Also Read: 

IISS: Cyber Capabilities & National Power Rankings:

 

« Apple's Emergency Patch For NSO Hack
British Organisations Are Unready For Remote Work »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Latham & Watkins LLP

Latham & Watkins LLP

Latham & Watkins is an international law firm. Practice areas include Data Privacy, Security and Cybercrime.

Verlingue

Verlingue

Verlingue (formerly ICB Group) is a leading corporate insurance broker providing Insurance, Risk Management and related advice to businesses and private clients.

RedLock

RedLock

The RedLock Cloud 360TM platform correlates disparate security data sets to provide a unified view of risks across fragmented cloud environments.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.

NSIDE Attack Logic

NSIDE Attack Logic

NSIDE Attack Logic simulates real-world cyber attacks to detect vulnerabilities in corporate networks and systems.

Defence Intelligence

Defence Intelligence

Defence Intelligence is an information security firm specializing in advanced malware protection.

Cyber Threat Defense (CT Defense)

Cyber Threat Defense (CT Defense)

CT Defense specialize in penetration testing and security assessments.

ACA Group

ACA Group

ACA Group are a leading governance, risk, and compliance (GRC) advisor in financial services.

Jacobs

Jacobs

Jacobs is at the forefront of the most important security issues today. We are inspired to be the best and deliver innovative, mission-focused outcomes that matter to our clients.

Pentesec

Pentesec

Pentesec is a security specialist offering professional services, managed security services and expertise within an extensive range of security technologies.

UK Cyber Security Association (UKCSA)

UK Cyber Security Association (UKCSA)

The UK Cyber Security Association (UKCSA) is a membership organisation for individuals and organisations who actively work in the cyber security industry.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

Vaultinum

Vaultinum

Vaultinum are a trusted independent third party specialized in the protection and audit of digital assets.

Obscure Technologies

Obscure Technologies

Obscure Technologies is a firm of experts, specialised in brokering the best security solutions to market.

Gutsy

Gutsy

Gutsy uses process mining to help organizations visualize and analyze their complex security processes to understand how they actually run, based on observable event data.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.