UK organisations are concerned about their abilities to keep pace with the persistent rise of new cyber security challenges. This assertion is mirrored by new data from business continuity and disaster recovery provider Databarracks revealing that only 56% of UK firms believe they have sufficient cyber security skills in-house to deal with threats posed to their business.
Now in its tenth year, the company’s latest Data Health Check survey questioned over 400 IT decision-makers in the UK on a series of critical issues relating to their IT, security and business continuity practices. Focusing specifically on cyber security, key findings include the following:
*In 2016, 59% of respondents stated they had invested in safeguards to help fight cyber threats in the last 12 months. In 2018, this figure is now 67%
*The types of safeguards organisations have invested in to protect against cyber threats have changed dramatically in recent years. In 2016, only 12% of organisations confirmed they had updated their cyber security policy in the past 12 months. In 2018, that figure is 26%. Similarly, cyber threat monitoring software is now used in 28% of businesses compared to only 13% in 2016
*Employment of a Chief Information Security Officer (CISO) has jumped from 1% in 2016 to 14% this year
Peter Groucutt, managing director of Databarracks, commented: “Investment in cyber security safeguards should translate to improved confidence, but the findings of our survey show that this is yet to make a significant difference. We’re in the midst of a rapidly accelerating ‘arms race’. Organisations are desperately trying to catch the criminals by working hard to improve knowledge, training and investment in security defences, but are clearly concerned about keeping pace. Importantly, organisations shouldn’t become disheartened. While confidence levels are not where we had hoped they might be at this stage, businesses are making positive strides and acting on the front foot to fight back, which makes us optimistic for the future.”
Groucutt continued: “Critically, it’s not just about hiring a CISO, introducing a new cyber security policy or investing in new threat monitoring software. Rather, it’s about all of these activities and a fundamental culture change for most organisations. Cyber threats are evolving at such a pace that organisations cannot afford to stand still. In previous years, organisations have failed to match the threats with action and investment. Today, businesses are fighting back and shoring up defences their, as our data clearly shows.”
The research further reveals that 69% of organisations had reviewed their cyber security policies within the last 12 months. In 2015, only 54% had reviewed their policies.
Budgets are also increasing. 36% of organisations have seen their IT security budget increase in the last 12 months compared to 24% in 2016.
Groucutt concluded: “Over time, as organisations see this increased proactivity and investment lead to better security, we’re hopeful confidence levels will also improve.”
*Access the full Data Health Check 2018 document