“Continuous investment and activity essential for staying ahead in cyber arms race” states Databarracks

UK organisations are concerned about their abilities to keep pace with the persistent rise of new cyber security challenges. This assertion is mirrored by new data from business continuity and disaster recovery provider Databarracks revealing that only 56% of UK firms believe they have sufficient cyber security skills in-house to deal with threats posed to their business.

Now in its tenth year, the company’s latest Data Health Check survey questioned over 400 IT decision-makers in the UK on a series of critical issues relating to their IT, security and business continuity practices. Focusing specifically on cyber security, key findings include the following:

*In 2016, 59% of respondents stated they had invested in safeguards to help fight cyber threats in the last 12 months. In 2018, this figure is now 67%

*The types of safeguards organisations have invested in to protect against cyber threats have changed dramatically in recent years. In 2016, only 12% of organisations confirmed they had updated their cyber security policy in the past 12 months. In 2018, that figure is 26%. Similarly, cyber threat monitoring software is now used in 28% of businesses compared to only 13% in 2016

*Employment of a Chief Information Security Officer (CISO) has jumped from 1% in 2016 to 14% this year

Peter Groucutt, managing director of Databarracks, commented: “Investment in cyber security safeguards should translate to improved confidence, but the findings of our survey show that this is yet to make a significant difference. We’re in the midst of a rapidly accelerating ‘arms race’. Organisations are desperately trying to catch the criminals by working hard to improve knowledge, training and investment in security defences, but are clearly concerned about keeping pace. Importantly, organisations shouldn’t become disheartened. While confidence levels are not where we had hoped they might be at this stage, businesses are making positive strides and acting on the front foot to fight back, which makes us optimistic for the future.”

Groucutt continued: “Critically, it’s not just about hiring a CISO, introducing a new cyber security policy or investing in new threat monitoring software. Rather, it’s about all of these activities and a fundamental culture change for most organisations. Cyber threats are evolving at such a pace that organisations cannot afford to stand still. In previous years, organisations have failed to match the threats with action and investment. Today, businesses are fighting back and shoring up defences their, as our data clearly shows.”

The research further reveals that 69% of organisations had reviewed their cyber security policies within the last 12 months. In 2015, only 54% had reviewed their policies.

Budgets are also increasing. 36% of organisations have seen their IT security budget increase in the last 12 months compared to 24% in 2016.

Groucutt concluded: “Over time, as organisations see this increased proactivity and investment lead to better security, we’re hopeful confidence levels will also improve.”

*Access the full Data Health Check 2018 document

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts