One in three mid-market UK organizations suffered a +24 hour outage due to a cyber attack in 2021
- Published: Wednesday, 09 March 2022 09:29
Mid-market organizations in the UK suffered significant financial and operational damage as a result of cyber attacks in 2021, and want to see fundamental change to how cyber security is designed and run, new research reveals.
One in three mid-market organizations suffered an outage that knocked them offline for more than a day. Only half were able to prevent malicious attachments from reaching users’ inboxes. Shockingly, one in five (21 percent) were forced to pay hackers to deactivate ransomware. As a result, the top wish for cyber security in 2022 was to see security vendors open up traditionally closed point products to enable an automated response to cyber attacks.
The new findings are taken from ‘The UK mid-market on Code Red: the state of the UK’s cyber security response’, a report by cyber security provider, Censornet. Gathering insights from 200 UK-based IT and security leaders, covering ten different industries in both the public and private sectors, the research explored the biggest attacks of 2021, the challenges facing the mid-market and their plans for investment in 2022.
“For the UK mid-market, the cyber security situation is serious,” said Ed Macnair, CEO at Censornet. “The financial and reputational cost of cybercrime is rising, putting more pressure on overwhelmed professionals, who are tackling hundreds of alerts a day from siloed point products. Organizations must work smarter, not harder. Only when security systems work seamlessly together, faster than humanly possible, will we see the needle begin to move in the right direction.”
Attacks causing major damage
The report reveals that despite concerted efforts to protect themselves, mid-market organizations continued to feel the sting of cyber attacks in 2021 - often due to cross-channel attacks, which only 37 percent of organizations felt they had the ability to prevent. These incidents were driven in part by the unwitting insider threat: 17 percent of all respondents reported serious attacks after employees opened suspicious or malicious emails, with that number rising to 28 percent for businesses turning over more than £51 million.
Ransomware also posed a particularly serious threat, with more than two thirds (69 percent) of organizations feeling unable to protect themselves against it. Of those that suffered a ransomware attack and paid the ransom, the average pay-out was £144,000, with 7 percent of those handing over more than £500,000.
These vulnerabilities are also worsening in severity as more workers work remotely. Over half (51 percent) of mid-market organizations said they had not purchased cyber security products designed to specifically protect against threats for hybrid and remote workers.
Overcomplicated security driving high levels of stress
The research reveals that organizations are investing in large numbers of point products to tackle their risk. The average number of security products managed in a single organization stands at 24. Nearly a third (27 percent) are managing more than 31 security products at once.
As a result, on an average day, 716.4 cyber security alerts are generated. Each security professional has to investigate over 35.3 security alerts every hour and has just 102 seconds to assess what is a genuine threat. Not only that, but 38 percent of mid-market security staff said they had received a call in the middle of the night to investigate a cyber security incident.
This flood of alerts and out-of-hours demands translates into almost half (47 percent) of professionals feeling overwhelmed, with that figure rising to 59 percent in the public sector. It’s not hard to see why: almost one in ten (9 percent) cybersecurity staff say they suffered from sleep deprivation due to cyber security concerns, with the average amount of sleep standing at 5.7 hours per night, considerably less than the seven hours or more recommended by the NHS.
Automation and integration key to improving situation in 2022
In response to the challenges that organizations are facing, respondents indicated a clear need for fundamental change in the way cyber security is designed and run over the next year. Nearly half (46 percent) want security vendors to open up traditionally closed point products to enable automated response to cyber threats and/or cyber attacks. In line with these needs, three quarters (76 percent) of organizations said they plan to invest in a cloud-based security platform that allows their security products to autonomously share security event data to better protect their organization.