UK companies have a ‘distorted understanding’ of cyber-security risks, says survey

UK companies have a ‘distorted understanding’ of cyber-security risks, says survey

A new survey claims that UK organisations, including professional services, are misjudging the risks of cybercrime and their ability to fight them – whilst many are unwilling to admit when breaches have occurred.

In this day and age, it’s impossible for business owners to ignore the significance of the internet, with cybercrime rates growing just as quickly as the positive developments of the digital world. That’s why it’s vital to form the best line of defence including staff training, security software and dedicated insurance.

Data concerns

A joint study by LogRhythm, Gigamon and Forescout Technologies – three tech firms with respective backgrounds in security intelligence, traffic visibility and the Internet of Things – surveyed 2,000 IT professionals working for UK companies about their concerns relating to data security and their history of previous breaches.

44.45% of the survey’s participants expressed confidence that their company has never suffered a data breach, while 43.65% admitted they have suffered a breach, and 11.9% said they did not know. LogRhythm’s Ross Brewer says the number of people who claim never to have encountered a problem is in sharp contrast with what the statistics show.

“The 45% that say no, they are either not willing to admit the fact that they had a breach or they just don’t know because they don’t have the visibility”, he said.

Lacking visibility

The accuracy of the companies’ understanding of how long it took for their cyber breaches to be discovered was also doubted by the study. Almost 33% of participants claimed the hack was uncovered immediately. 28% said they learned about the attack within a month. Gigamon’s Trevor Dearing disputed the claim’s validity and doesn’t believe companies have complete visibility.

“Many of them claimed that they were able to detect in one day 100% of the threats and attacks that they saw on that day, but the reality is that they were only able to detect those that they had seen,” he said.

The difference between what is perceived to be happening and what is actually happening could be misleading business owners into missing vital signs of an attack, the group warned.

More than banks at risk

Overconfidence in your company’s risk level could lead to you neglecting adequate security and insurance measures, therefore attracting unnoticed attacks. Contrary to popular belief it is not only banks that are at risk of a hack, but SMEs and any other company whom hackers believe they can extort money from.

General cyber awareness is, however, improving. Companies realise that outdated methods such as antivirus software and firewalls need to be replaced. A combination of more advanced security software and full network visibility is becoming regular. Dedicated cyber insurance could provide financial security in the event of an otherwise costly attack.

A wide range of businesses, including professional services, can benefit from Cyber Liability insurance. Fiveways Insurance can incorporate this cover into a complete insurance package, tailored to your industry. Get in touch with us on 01952 812 380 or email to find out more.

Share this

Share this point with your friends