Almost half of UK businesses do not have a formal cyber security strategy implemented, despite the perilous nature of the current threat landscape.
It was found that just 57% of UK businesses have implemented a formal cyber security strategy, which will no doubt cause great alarm among cyber security professionals given the number of high profile attacks in recent years.
The IoD report, Cyber security: Ensuring business is ready for the 21st century supported by Barclays, shows that despite a number of high-profile cyber-attacks over the last year, more than a third (37%) of IoD members lead or work in organisations without a formal cyber security strategy, and worse still, in the event cybercrime was to hit their business, 40% would not know who to report it to.
The report also revealed that just 49% of businesses have provided awareness training for staff. A critical cyber security weak spot is the human element of a business, and it is this that makes the lack of staff training and awareness in over half of UK businesses a serious problem.
Richard Brown, Director EMEA Channels & Alliances at Arbor Networks: “The fact that more than a third of UK businesses lack a formal strategy against cyber-attacks is shocking. Attack methodologies are evolving by the day and as such, it is no longer acceptable for businesses to be complacent about their cyber security strategy.
Mr Brown said: “Businesses must take the fight to cyber-criminals with improved intelligence sharing and better co-operation with law enforcement. Organisations should also instrument their internal networks so that they have broad and deep visibility of network traffic, threats and user behaviour.”
With mobile devices being carried inside and outside the office by employees at an all-time high rate, it is imperative that workers are conscientious of their own cyber conduct. Private devices constantly crossing the security and network threshold of a business mean contamination is a constant risk.
The survey also includes the finding that only 1% of the members surveyed claim to be completely unreliant on the internet, indicating the exposure of the vast majority of UK businesses to potential cyber threats.