Defender Confidence Rising in Maturing UK Cyber Threat Landscape

Rick McElroy

Looking at the headlines around cyber attacks and security breaches, anyone would be forgiven for thinking that organisations face an insurmountable cyber security task, asserts Rick McElroy. However, when we delve deeper into the UK cyber security landscape, a more nuanced picture emerges.

In fact, there’s a real sense of positivity on the horizon when it comes to UK organisations’ assessment of their ability to detect and defend against cyber attacks. Despite the knowledge that the volume and complexity of attacks they’re facing continue at a sustained high level, the latest UK Threat Report produced by VMware Carbon Black found that more than three-quarters of UK organisations felt more confident in their ability to repel cyber attacks than they did 12 months previously.

Supporting this sense of confidence, we also found that investment in cyber defence is holding up well, with 93% of UK organisations surveyed saying they plan to increase cyber security spending. Nevertheless, challenges remain: despite this growing confidence, 84% of UK organisations surveyed said that they had suffered at least one data breach in the past 12 months caused by an external cyber attack.

What else did we learn when we asked 250 UK CIOs and CISOs about the threat landscape they face in the final quarter of 2019? Here are four key points to emerge:

*Despite growing confidence, the attack landscape remains severe

84% of organisations said the volume of attacks they face has increased, while nine-in-ten said that these attacks had become more sophisticated.

Globally, we found a sharp rise in the prevalence of phishing attacks as the attack type most likely to result in a data breach, and this was reflected in the UK where it was the cause of 33% of breaches. In fact, this figure had jumped from 20% in our January 2019 report.

This global trend is a clear sign that attackers are going after the weakest link – the end users. This is also a factor in the increase reported in breaches caused by ransomware, which jumped as a cause of successful breaches from 14% in January to 20%.

This focus on user-related breach vectors may also indicate that defenders are succeeding in making organisations a harder target for more direct malware-led attacks. The study found that the percentage of breaches caused by process failures and out-of-date security halved during the period from January 2019. This is another sign of a maturing approach towards cyber security wherein controllable factors are now a key focus.

*Reputational damage outweighs financial impact when breaches happen

Given the high profile of regulatory changes in the past 18 months, it’s not surprising that 72% of businesses reported suffering from reputational damage as a result of a data breach. The public is now much more aware of the risks and responsibilities that organisations bear around data protection and is pretty quick to lose trust in those who appear negligent.

Perhaps more surprising is that the percentage reporting financial impacts from breaches was only 35%, which is lower than the global average of 44%. In fact, more than half (54.5%) of UK organisations said there had been no financial impact from the breach at all.

At this stage it seems that organisations don’t see monetary loss on the same scale as reputational damage.

*Emerging technologies and cyber skills scarcity are cause for concern

Looking to the coming year, the research found a significant level of concern in the UK about how emerging technologies such as 5G and fast-paced digital transformation projects are going to create cyber risk. In line with global sentiment, nine-in-ten respondents said they had concerns, which ranged from the potential for new and more destructive attack types to the difficulty in gaining full visibility over new projects and technologies.

Almost a quarter (25%) said that they would need a bigger team to cope with these threats. However, recruiting staff with the necessary skills is a growing problem, with 55% of UK organisations saying the recruitment climate had grown more challenging in the past 12 months.

Looking overseas to plug the gap is unlikely to be a solution as the situation is even more difficult globally – an average of 61% of businesses worldwide said that recruiting the right skills has become more difficult.

*Threat hunting is firmly on the agenda

90% of UK companies surveyed said that threat hunting had strengthened company defences and 30% had found significant evidence of malicious activity. This is almost double the 16% who found significant evidence of malicious activity in January 2019.

While this may be at least in part due to increasing levels of cyber threat activity, the high percentage increase indicates that threat hunting is becoming more effective as defender skills and experience increase.

Stronger outlook for UK cyber security

Taken together, these research findings indicate a maturing approach to cyber security as UK businesses adjust to the ‘new normal’ wherein high volume, sophisticated cyber attacks are a factor of doing business.

Organisations are locking down the controllable factors such as process weakness and out-of-date security, while at the other end of the scale they’re proactively threat hunting. This is building defender confidence and power as businesses become smarter about identifying where the risks lie and what tools they can deploy to mitigate them.

While new challenges loom on the horizon, the cyber security community in the UK is now better positioned and more confident to meet and defend against them.

Rick McElroy is Cyber Security Strategist at VMware Carbon Black

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.
