Ninety One per cent of UK IT directors confessed their organisation had been the hit with a cyber attack.
50% experienced an attempted hack from malware and 42% said they were hit by the installation of illegal software by trusted insiders with 33% suffering a loss of confidential information.
60% of businesses have not trained their staff on information security and only 49% keeping an eye on their users’ access to applications, computers and software.
About 56% of ISO 27001 certified organisations were reportedly conscious of the risk compared with 12% of uncertified businesses.
52% of organisations those implementing ISO 27001 are highly positive about their resilience level against the cyber hacking methods.
Mike Edwards, a BSI Information Security Specialist, said: "Businesses who can identify threats are more aware of them. Our experience confirms this, we know that organizations with ISO 27001 can better identify the threats and vulnerabilities to their information security and put in place appropriate controls to manage and mitigate risks."