Professional services companies in the UK have experienced 62 cyberattacks in the last 12 months - one every six days - according to new research by Keeper Security. The company's 2021 Cybersecurity Census Report has also revealed that almost half (48%) of IT decision makers working at professional services companies have kept a cybersecurity attack on their organisation to themselves, raising questions about how badly affected businesses really are by these attacks.
Professional service organisations such as lawyers, accountants and consultancies are increasingly becoming a lucrative target for cyber criminals as the rewards for managing to breach such organisations are vast, given the amount of sensitive data available. It therefore comes as no surprise that IT is now the top investment priority (47%) for business leaders in the professional services sector. Nearly all (95%) of these organisations know where the gaps in their cybersecurity defences are but many are clearly struggling to fully address them.
Cybersecurity education and a lack of skills throughout the organisation are proving to be significant issues at professional services businesses wanting to bolster their cyberdefences. 65% of IT leaders agree that there is a cybersecurity skills shortage within their organisation and over half (59%) for example believe that employees don’t understand the cybersecurity implications of poor password hygiene.
"The days of random cyberattacks are long gone and hackers are identifying new industries to exploit. So it comes as no surprise that accountants, law firms and other professional services organisations are now in the cross hairs of cyber attackers." says Darren Guccione, CEO & Co-founder of Keeper Security. "Clear IT policies and powerful solutions that include a zero-trust and zero-knowledge approach to cybersecurity are essential for professional services companies in the UK wanting to close the gap between where they currently are on their cybersecurity journey and where they want and need to be to adequately protect themselves against these attacks."
The cybersecurity census report also found that nearly three quarters (74%) of IT leaders in the professional services sector would like to see cybersecurity become a board-level issue with the introduction of a dedicated cybersecurity specialist on the board to monitor the state of a business' cybersecurity defences. A large majority (85%) of IT leaders also believe that more external oversight and accountability in the form of an independent body - an ‘Ofcom for cybersecurity’ - would be an effective way to reduce cyberattacks in the UK. Almost all of them (93%) are further calling for legislative change that requires businesses to have basic cybersecurity protection in place before being allowed to operate.