We would like to keep you up to date with the latest news from Digitalisation World by sending you push notifications.
Digital Newsletter
Each week our editor Phil Alsop rounds up the most popular articles, videos and expert opinions. We compile this into a Digital Newsletter and send it straight to your inbox every week.
Digital Magazines
We'll let you know each time a new edition of Digitalisation World is released so that you're always kept up-to-date with the latest and greatest news and press releases.
Video Magazines
The Digitalisation World Video magazine contains the latest Zoom interviews with experts in the industry.
Cyberattacks are hammering businesses of all sizes and sectors across the UK, with just a fraction of those prepared to defend against them, according to new research by Keeper Security. The 2022 Cybersecurity Census Report reveals that companies are suffering severe organisational, financial and reputational damage. Yet, despite IT leaders expecting this onslaught to intensify over the next year, preparation is lacking, with only a minority of organisations feeling ready to face the threats.
The report found that the average UK business experiences 44 cyberattacks per year—more than three every month—and almost one in five (17%) are subjected to over 501 attacks in a single year. This calculates to approximately two cyberattacks every working day. While only around two of those cyberattacks are successful each year, IT leaders fear the frequency of attacks will intensify, with 46% expecting both the total number of attacks and number of successful attacks to increase over the next year.
Cyberattacks are causing businesses significant harm
Successful cyberattacks have the potential to bring businesses of all sizes to a standstill. Alarmingly, just 26% of respondents consider their business very prepared to defend against them.
Over one third (35%) of victims of a cyberattack report disruption to trading, such as the ability to carry out business operations
Over one third (34%) experienced reputational damage due to an attack
31% of both larger (over 1,000 employees) and smaller (fewer than 1,000 employees) businesses experienced theft of financial information from a successful cyberattack
More than a fifth (22%) of businesses experienced theft of money—with the financial disruption totalling more than £100,000 on average. Considering the current macroeconomic uncertainty in the UK, and the fact that the average UK SME makes just £11,000 in profits per year, such financial losses can be terminal.
Cybersecurity Investments and Tools
The rise of hybrid and remote work is widening the gap between what’s necessary to secure organisations and what’s available, with shortfalls in cybersecurity investment leaving businesses exposed.
Visibility of system users, password strength and permissions are baseline necessities regardless of business size or sector, yet IT leaders admit their tech stacks lack essential tools:
Over one-third of respondents (35%) lack a manager for IT secrets such as API keys, database passwords and credentials
Almost nine in ten (87%) highlight concerns about the dangers of hard-coded credentials—embedding authentication data such as user IDs and passwords directly into source code
29% lack a connections manager to help manage remote access to privileged infrastructures
IT leaders acknowledge their current security measures have identifiable weak points, and passwords and credentials are particular areas that require urgent investment. Despite this, almost one-third (32%) state they leave it entirely to employees to set their own passwords, with access often shared as needed.
“The cybersecurity landscape is complex, with ever-changing risks and shifting priorities to manage. However, the research shows that organisations could and should be doing more,” said Darren Guccione, CEO & co-founder of Keeper Security. “While many organisations consider future investments, they face being outmatched by rising external threats and the demands created by existing weaknesses.”
Cybersecurity in Company Culture
Despite budgetary commitments and a prioritisation of cybersecurity from the C-suite, IT leaders themselves admit to a concerning lack of transparency in the reporting of cyberattacks. Over half (55%) state they have been aware of a cyberattack and not reported it to any relevant authority. In addition, 80% of IT professionals are concerned about a breach from within their own organisation. These figures should be a red flag to business leaders, as without a culture of trust, accountability, and responsiveness, cybercrime will thrive.
Guccione concludes: “Although there have been small steps from UK businesses in prioritising cybersecurity, clear gaps remain. The volume and pace at which threats are hitting businesses is increasing, and leadership cannot afford to wait. As we move forward, businesses and IT leaders must not only voice commitments to cybersecurity, but act on them. They need to acknowledge how our workplaces have evolved and respond to new ways of protecting their employees, their data, and their livelihoods.”
