40% of UK firms more exposed to cyber attacks than ever before
22 May 2018
Come 25th May, the UK will welcome the GDPR, a landmark set of regulatons that would protect the sanctity of customer data and hold enterprises responsible if they suffer breaches because of their failure to follow recommended cyber security practices and policies.
However, a survey carried out by endpoint security solutions provider Tanium has revealed that around 40 percent of businesses in the UK feel they are more exposed to cyber attacks than ever before.
Why are businesses still insecure against cyber attacks?
According to Matt Ellard, vice president for EMEA at Tanium, a lot of businesses in the UK still consider themselves vulnerable to cyber attacks as many of them still operate legacy systems and digital architecture, have limited cyber security budgets that are not enough to appropriately strengthen cyber defences, and suffer from lack of coordination between IT operations and security teams.
“Businesses can no longer afford to overlook the scale of threats they face and the IT operations and security teams need to bridge the accountability gap to protect the network, company and customer data,” he said.
A survey of 500 IT security workers in the UK carried out by Tanium revealed in detail why so many businesses in the UK are far from securing their digital assets against external threats. While 40 percent of those surveyed said their businesses are more exposed to cyber attacks than before, 31 percent said their organisations did not invest in new security solutions since the WannaCry attack.
Lack of concerted action against threats
According to the survey, even though 62 percent businesses in the UK reviewed existing security systems after the WannaCry attack and 38 percent redefined the process for reacting to security incidents, as many as 66 percent of them haven’t improved their patch management process since last year. At the same time, lack of funds ensured that 25 percent of them were unable to implement cyber security policies or adopt new technologies.
The survey’s findings aren’t much different from the findings of a survey of over 200 IT executives carried out by IT consultancy firm Excelian, Luxoft Financial Services in March. It had then revealed that budget cuts and staff shortages had turned out to be the to biggest impediments that financial firms have to grapple with while preparing for GDPR.
According to the survey, 43% of IT executives across Europe were suffering sleepless nights while trying to decide how to shape their cyber security strategies with the limited time at hand. Even though a large majority (89%) of such executives agreed with the fact that changing their cyber security strategy was a top priority, 55 percent of them were struggling with the lack of funds required to bring about such changes.
54% of IT executives also said that lack of training and learning opportunities held them back, while 26% cited skills shortage in their IT department as their biggest challenge. According to one in every four IT executives from across Europe, complicated internal processes were hindering their quest to change their strategies ahead of the GDPR’s arrival.
“IT departments in banks are being pulled in two directions. Banks want to focus on digital innovation, but IT professionals feel unable to escape from the ever-present cyber threat. Budget cuts are leaving smaller teams with fewer spare hours in the day. Unable to plan ahead, they spend their days firefighting problems and upgrading legacy systems,” lamented Marcin Swiety, Global Head of Luxoft’s Information Security practice.
“Most financial institutions want to capitalise on technologies like blockchain, AI and the cloud, but they are difficult to implement both securely and at pace. If we want to see digital transformations that are truly protected from the cyber threat, then institutions must find a way for IT departments to free up their time,” he added.