At a time of direst need for cybersecurity capabilities, a massive 47 percent of UK organisations are concerned about the abilities of their staff to address cyber threats.
It has also been found that only 61 percent of organisations have reviewed their cybersecurity policies in light of a cyber threat in the past year.
More shocking still, 41 percent of organisations did not invest in any cybersecurity measures in the past 12 months, a statistic representing total ignorance to the treacherous threat landscape.
These findings were made by the business continuity and disaster recovery provider, Databarracks, via a survey put to 400 IT decision makers in the UK about their approach to security in the past year.
Peter Groucutt, managing director at Databarracks said: “Unfortunately, we are in the midst of an arms race against cyber criminals. Threats are becoming more frequent and more sophisticated. Organisations are desperately trying to address this by improving preventative measures and investing in education for staff, but as the evidence from the research shows, this is in fact doing little to improve confidence.”
General staff training in cybersecurity has been found lacking in the UK, with Accenture recently finding that the cost of poor cyber education has risen by 19 percent to £6.4 million.
The cost of NOT educating staff on cybersecurity? £6.4 million
Mastercard predicts the future with pre-emptive cybersecurity defence
Crowdstrike CTO: Theft and destruction are ‘just a few keystrokes’ apart
“Phishing and whaling attacks, for example, remain one of the biggest threats to a business. Fundamentally these types of attacks are focused on people not technology, which is why it’s imperative that cyber awareness training is continually invested in. Over the past year we have seen businesses investing in cyber awareness training increase from 26 per cent to 34 per cent and next year we want to see this grow further,” Groucutt said.
The report also included details of the most prevalent cyber threats in the past 12 months, with Viruses leading the way at 44 percent, followed by Spyware, Ransomware and phishing, in that order. With the arrival of GDPR now only months away, this revelation is all the more concerning as it reveals a continuing lack of awareness.