UK businesses show ‘worrying gap’ between awareness of cyber risks and business preparedness
- Published: Wednesday, 09 March 2016 10:28
British businesses are not taking cyber security seriously enough, the Institute of Directors (IoD) has warned, with under a third (28 percent) of cyber attacks being reported to the police. In a new report, ‘Cyber Security: Underpinning the Digital Economy’, supported by Barclays, the IoD revealed that companies were keeping quiet even though half (49 percent) of attacks resulted in interruption of business operations. The scale of the threat should not be underestimated, the business group added, with over 7 in 10 firms saying they had been sent bogus invoices via email.
The survey of nearly one thousand IoD members showed a worrying gap between awareness of the risks and business preparedness. Whilst 9 in 10 (91 percent) business leaders said that cyber security was important, only around half (57 percent) had a formal strategy in place to protect themselves and just a fifth (20 percent) held insurance against an attack. Worryingly, official efforts to tackle cybercrime seem to be failing to get through to businesses, with nearly 7 in 10 (68 percent) IoD members never having heard of Action Fraud Aware, the UK’s national reporting centre for fraud and internet crime.
The growing threat of breaches will create a ‘cyber paradox’, the IoD said, meaning that although business will increasingly take place online, firms will no longer feel confident in the encryption protecting sensitive information when it is transferred. This could lead to companies going back in time, and resorting to old-fashioned methods for sending important data.The full report, including the survey results and recommendations for how businesses can deal with the growing cyber threat, can be downloaded here (PDF).