View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 18, 2017

Dire state of UK cybersecurity revealed: Budgets slashed, awareness failing

A colossal 44 per cent of UK businesses do not even have a cybersecurity insurance policy in place to stem the damage of an attack.

By Tom Ball

UK organisations are facing mounting scrutiny regarding the handling of cyber incidents, but a massive 28 per cent of businesses are not even aware of how many times they have been hit.

Combining with this statistic to form a deadly concoction, the average security budget has plummeted to £3.9 million, from a robust £6.2 million just a year ago.

Underlining the lack of cyber awareness among UK businesses, 49 per cent do not test their own cybersecurity defences. These statistics have been gathered and presented by professional services network, PwC, in its Global State of Information Security Survey 2018 report.

Dire state of UK cybersecurity revealed: Budgets slashed, awareness failing

On top of these already troubling findings, 44 per cent of UK businesses do not have a cyber insurance policy to manage the impact of a breach.

Richard Horne, Cyber Security Partner, PwC, said: “Forging close working collaborations and sharing intelligence is often the best way to tackle the latest threats. New forms of attack require new ways of working to defend our society.”

The report also found that the average recovery time for a business after being hit by an attack was 19 hours, a considerable period of time that would be damaging both financially and reputationally.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester
– Hackers exploit security KRACK in wifi – and no device is safe


– JPMorgan taps blockchain for new payments network


– Pizza Hut delivers data breach news late to affected customers

Bharat Mistry, Principal Security Strategist, Trend Micro, said: “I’m surprised that organisations still fail to test their security incident/breach response procedures and processes. The last thing you want when you have a breach is for staff to be reading the breach response handbook and trying to figure work out who should be what.

It is becoming clear that collaboration is essential for cybersecurity, yet 53 per cent of UK businesses still have not established a cross-organisational team to tackle the problem.

“In fact I would say if you haven’t tested your breach response plan, then it’s not worth the paper it’s written on. With the looming deadline of GDPR and the consequential fines for breaches of personal data it’s now more imperative than ever to make sure that you not only have a plan but its tested and effective to ensure compliance,” said Mistry.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.