UK professional services organisations are subject to multiple cyberattacks every week

UK professional services organisations are subject to more than three cyberattacks every week, with 60% expecting the total number of successful attacks to increase over the next year.

  • 1 year ago Posted in

Professional service organisations encompass key industries that are bearing the brunt of cybercrime, according to new research by Keeper Security. The 2022 Professional Services Cybersecurity Census Report reveals that a high number of incidents of cybercrime have been directed at these organisations, with IT Leaders citing an average of 161 cyberattacks over the last 12 months, resulting in both financial and reputational damage. 


Almost all (93%) of those surveyed believe the severity of cyberattacks will increase over the next year and that the time taken to detect a cyberattack is increasing. Nearly eight out of 10 (77%) professional services leaders say they need more time when attacks occur, reporting that the time taken to identify and respond to a cyberattack has increased in the past 12 months. An evidently belated response could be compounded by technical deficiencies or internal shortcomings.    


Cybersecurity Investments to Mitigate Risk


The study also unearthed a discrepancy between awareness of cybersecurity and the investment from leaders in the skills and technologies needed to improve their cyber defences. Twenty percent of respondents did not have a secrets manager to help manage IT secrets such as API keys, database passwords and credentials, and 15% did not have a connections manager to help manage remote access to privileged infrastructures. 


If awareness of the skills and technology shortage impacting cybersecurity can be acted on with the investment in the right tools and tech stack, then the professional services industry will be more resilient. However, if this investment is curtailed and compounded by poor internal security training, then the severity and frequency of cyberattacks found in the report will continue to impact businesses. 


The Harmful Impact of Cyberattacks on Organisations


Nearly a third (31%) of professional services organisations surveyed as part of the study have experienced financial theft, with 42% having between £100,000 and £999,999 stolen. 


But financial damage is only one implication of a cyberattack. Reputational damage, compromised supply chains and loss of stakeholder confidence can have enduring effects.  According to the study, nearly half (47%) of professional services firms have experienced reputational damage as a result of a successful cyberattack, with 46% suffering from disruption of partner/customer operations. Notably, 39% experienced loss of a business contract, underscoring the knock-on effects of cybercrime. 


Preparing for the future


Against the backdrop of rising cybercrime, investment in cybersecurity will be key to safeguarding businesses’ infrastructure. Amongst the surveyed professional services leaders, the study found an appreciation of the growing threat of cyberattacks, however there were differing perceptions of the investment needed and implementation necessary to reinforce their cyber defences.  


Rising external threats was ranked as the top cybersecurity concern among 50% of the professional services respondents, with just 3% saying cybersecurity was not important to the C-suite at their organisation. 


40% cited the need to address skills gaps within their staff and more than a third (37%) noted the weak link presented to an organisation’s cyber defence through contractors, interns and unsophisticated users inadvertently exposing an organisation to risk.   


Darren Guccione, Keeper Co-founder and CEO commented: “Although the professional services community knows that cybersecurity threats will continue to grow and their preparedness shows positive signs, we do not know how resilient they will be in the face of future challenges. The increased amount of time it takes for professional services IT teams to address a cyberattack and the widening scope of damage from a data breach emphasise the need to stay ahead of evolving threats through employee training, adopting the right technologies and implementing best practices.” 

More than half of today’s office workers are ignoring important cybersecurity warnings due to being overwhelmed and fatigued from digital communication.
Partnership will underpin Telstra’s managed services offering for security and network transformation.
The cybersecurity company’s latest offering enables MSPs to better protect and serve existing SME customers and foster new business conversion.
US Signal says that its Secure Access Service Edge (SASE) solution is now available to customers.
CrowdStrike creates cybersecurity’s “easy button,” replacing the ineffective antivirus products that leave SMBs vulnerable to ransomware and breaches.
ConnectWise has introduced innovations for its suite of cybersecurity management solutions, including automated remediation for cybersecurity leveraging the ConnectWise Asio™ platform.
Rubrik Zero Labs Research reveals stark realities about defending data today, threats to our data, and a growing need for different data security & cyber resiliency strategies.
Sophos has introduced several new solutions that advance critical defenses against active adversaries. Sophos exposes how these active adversaries are now carrying out ransomware “fast” attacks in mere hours in “The 2023 Active Adversary Report for Security Practitioners” also published recently.