Thales – the specialist in critical information systems, cyber security and data security – has announced the results of its 2018 Thales Data Threat Report (European Edition), which reveals the UK to be Europe’s most breached country of last year. However, despite a 24% increase in the number of attacks – figures rose from 43% to 67% year on year – British businesses claimed to feel less vulnerable to data threats when compared to those operating across Germany, Sweden and the Netherlands.
Last year witnessed a number of extremely high-profile cyber attacks hitting Europe, with the ransomware Cryptoworm, WannaCry and the wider-reaching malware Bad Rabbit crippling thousands of systems including those of the NHS. Large-scale names such as Equifax, Accenture and T-Mobile also became the victims of cyber crime, putting both their data and reputations at risk.
While more organisations across Sweden (78%) and the Netherlands (74%) admitted to being breached in the past – as opposed to 67% in the UK – the last 12 months was a different story. 37% of businesses across the UK were breached, while 33% of German respondents were breached. 30% of organisations in Sweden were breached and 27% of respondents across the Netherlands were breached.
Appearing unaffected by the rise in attacks, just 31% of UK organisations said they feel ‘very’ or ‘extremely’ vulnerable to data threats, leaving the majority (69%) feeling ‘somewhat’ or ‘not at all’ vulnerable Businesses across Sweden claimed to feel the most vulnerable (49%), followed by the Netherlands (47%) and Germany (36%).
Mapping the spend trend
Despite seven-in-ten respondents (69%) feeling just ‘somewhat’ or ‘not at all’ vulnerable to cyber attacks, the same ratio of UK organisations reported an overall increase in their IT security spending, with 15% outlining it to be ‘much higher’ than last year. This rise was, however, still less than the spend in both Sweden (in which three quarters of businesses have upped their budgets to offset threats) and Germany (76%).
While 72% of organisations overall have dedicated more money to IT security, British businesses appeared to still fall short compared with their European counterparts. Almost two in every five (39%) Swedish respondents admitted their budget was ‘much higher’ than last year, while an additional 36% claimed it to be ‘somewhat higher’. The Netherlands and France both followed suit, with 29% and 24% spending a lot more this year on security.
A dip in compliance
The timeframe from announcement to implementation for the EU’s General Data Protection Regulation gave organisations plenty of time to prepare themselves for compliance. However, the report results tell a different story, with high rates of failure for compliance audits, and especially so in the last year.
Businesses in Sweden ranked highest for failure, with almost half (49%) missing the mark for compliance audits. Those across the Netherlands were next in line at 38%, closely followed by Germany at 33%. On the other hand, 19% of UK organisations reported failing data security audits in the last year.
Aside from the UK, all other European countries showed a decline in their efforts to meet compliance, which is a worrying set of results with so many changes to standards and regulations. Despite this drop, respondents across the board all cited compliance as being effective when it comes to preventing data breaches.
Peter Galvin, chief strategy officer for Thales eSecurity, commented: “A tidal wave of data breaches is continuing to roll across Europe, with three in every four organisations now the victims of cyber crime. As a result, people are feeling more vulnerable than ever before. They’re worried about where the next threat will come from and in what form. To stand the best chance of success against these advanced attacks, businesses need to dedicate the appropriate level of attention, budget and resource into safeguarding their sensitive data, wherever it happens to be created, shared or stored. The deployment of encryption is a well-recognised strategy to mitigate the risk of data breaches and cyber attacks as well as protect an organisation’s brand, reputation and credibility.”
*Download your copy of the 2018 Thales Data Threat Report (European Edition)