One fifth of UK business executives from non-IT functions would pay hackers’ ransom demands to cut costs rather than invest in information security.
According to the latest report commissioned by NTT Security they say that businesses are still making the same mistakes, failing to make any progress in crucial areas such as cyber security awareness and preparedness
The report shows that a further 30% in the UK are not sure whether they would pay or not, suggesting that only about half are prepared to invest in security to proactively protect the business.
This means many businesses are still stuck in a reactive mindset when it comes to cyber security.
The findings are particularly concerning, the report said, given the growth in ransomware, as identified in NTT Security’s Global Threat Intelligence Report (GTIR), published in April. According to the GTIR, ransomware attacks surged by 350% in 2017, accounting for 29% of all attacks in Europre, the Middle East and Africa and 7% of malware attacks worldwide.
Levels of confidence about being vulnerable to attack also seem unrealistic, according to the report, with 41% of respondents in the UK claiming that their organisation has not been affected by a data breach.
More realistically, 10% of UK respondents expect to suffer a breach, but nearly one-third (31%) do not expect to suffer a breach at all.
More worrying, the report said, is the 22% of UK respondents who are not sure whether they have suffered a breach or not.
Given that just 4% of respondents in the UK see poor information security as the single greatest risk to their business, this is unsurprising, the report said. Only 14% regard Brexit as the single greatest business risk; the list of concerns was topped by competitors taking market share (24%) and budget cuts (18%).
When considering the impact of a breach, UK respondents are most concerned about what a data breach will do to their image, with almost three-quarters (73%) concerned about loss of customer confidence and damage to reputation (69%), which are the highest figures among the countries polled.
The estimated loss in terms of revenue is 9.72% (compared with 10.29% globally, up from 9.95% in 2017). .
The report found there is no clear consensus on who is responsible for day-to-day security, with 19% of UK respondents saying the CIO is responsible, compared with 21% who said the CEO, 18% the CISO and 17% the IT director.
A key area of concern, according to the report, is whether there are regular boardroom discussions about security, with 84% of UK respondents agreeing that preventing a security attack should be a regular item on the board’s agenda. Yet only about half (53%) admit that it is and a quarter do not know.
With a lack of cohesion at the top, organisations are still struggling to secure their most important digital assets, the report said.
So if you want to save yourself stress, money and a damaged reputation from a phising data cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email [email protected] or complete the form on our contact page NOW