Cybercrime is one of the biggest concerns for UK businesses, according to EY’s 13th Global Fraud Survey. Specifically 74% of respondents stated cybercrime to be a high risk to their organisation compared to 49% globally – second only to Brazil at 76%. The survey included in-depth interviews with more than 2,700 executives across 59 countries (of which 50 respondents were from the UK), including chief financial officers, chief compliance officers, general counsel and heads of internal audit. Globally, nearly 40% of all respondents believe that bribery and corruption are widespread in their country, however, in contrast, this drops to 18% in the UK. Despite the UK performing well on serious fraud and corruption, the survey did highlight that almost half (46%) of UK executives are willing to offer corporate entertainment in order to retain business” far higher than the global average of 29%. John Smart, Head of EY’s UK Fraud Investigation & Dispute Services (FIDS) practice, says:” The rest of the world is playing catch up with the UK in recognising cybercrime as a serious threat. High-profile cybercrime incidents and a number of government initiatives may have played an important role in ensuring high awareness of this issue amongst business leaders here in the UK.” John goes on to warn:” The conversation now needs to move onto how businesses respond to these dangers. Awareness is just the beginning and business leaders need to ensure robust incident response strategies are in place. When a data breach does occur, many companies fail to investigate how and why an attack has taken place, which can leave networks compromised and exposed as the full extent of the breach is never uncovered.” The research also found that businesses perceive employees to be a bigger concern (36%) than organised criminals (26%) when it comes to sources of cybercrime. Paul Walker, Head of Forensic Technology and Discovery Services at EY, comments:” The results may not necessarily indicate mistrust between employers and employees when it comes to cybercrime issues. The issue is whether employees take cybercrime as seriously as management do. Employees are sometimes seen as the weak link with individuals susceptive to phishing emails” where spoof emails are sent out in an attempt to gain passwords or confidential information, downloading viruses and transferring files to unauthorised personal devices.” However, for the UK not all is doom and gloom. The country is performing significantly better than the rest of the world when it comes to getting the basics right around fraud and corruption. According to the survey, 94% of respondents agree that senior managers in the UK have strongly communicated a commitment to anti-bribery policies” roughly 10% more than the global average. UK businesses are also top of the preparation table, with 88% having attended some form of bribery and corruption training. Furthermore, the UK is third globally when it comes to whistle-blowing procedures, with 82% of respondents stating that their organisation has a whistle-blowing hotline. Despite these important processes being in place, 14% of UK businesses still reported a significant fraud in the last two years and 18% of executives consider bribery and corruption to be widespread. This may demonstrate that a culture of good compliance is failing to work its way down organisations.
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.