Perspectives on how the UK is currently coping with cybersecurity challenges: Part 2
Welcome to part 2 of the UK stats from Cisco’s latest Security Benchmarks Study, part of our 2018 Annual Cybersecurity Report which is now ready for you to download.
In case you missed part 1, you can catch up on it here, but here are 5 more stats that paint a picture on how UK security professionals are coping with the cybersecurity challenges they are facing, and how they deal with data breaches.
1) 68% of organisations we interviewed in the UK have suffered a public breach (vs. 55% global)
It’s no longer of case of ‘if’ a company is going to be breached, but ‘when’. As hackers target UK companies more than the global average, companies will have to become better prepared at disclosing breaches, especially in light of the new GDPR. To tackle the problems we have, we have to do it in collaboration – government, law enforcement and cybersecurity industry. Criminals and the ‘bad guys’ collaborate very well. It’s not about compliance and regulation for the sake of it – it’s about moving beyond that to work together to tackle the escalating threat.
2) 49% of breaches in the UK resulted in more than half of systems being impacted (vs. 32% global)
It’s not a case of the UK being far behind from the rest of the world – it’s more down to the sophistication of the cyber criminals and the fact that they have more to gain by breaching UK companies. Also, you have to “knock more down” to obtain what you need in the UK – there are more obstacles that typically companies have put in place, which is why this stat is higher than the global average. It’s like breaking into a highly secure house – there are more systems you need to shut down in order to get to the main prize. We see a strategy of moving towards more thorough segmentation, and more intelligent & integrated security solutions in the UK.
3) 68% of British companies had to manage an outage of more than 5 hours in the past year due to a breach (vs. 58% global)
Both figures are too high – we need to move to more of a connected security strategy – a simpler and effective and easier to remediate strategy. UK companies need to focus on that more, but are under more danger of attack than most countries globally. Again, it’s all about working together so that we stop playing the game of the cyber criminals.
4) 63% of British companies suffer from cyber fatigue (vs. 46% global)
In the UK we are often blinded by the volume of attacks, and also the severity and tenacity of some of the attacks. In addition, we see lots of variations of the same attack as cyber criminals realise we haven’t got the right tools (connected in the right way) to deal with their levels of sophistication.
Organisations, even ones with increased headcount are struggling to cope with skills shortage. However, cybersecurity is becoming more of a priority for businesses, and most in the UK are looking to increase their spend on both technology and people. Cyber is a huge risk for all companies in all vertical industries and the National Cyber Security Centre (NCSC), are working in collaboration with Cisco and other cybersecurity organisations to increase the awareness of cybersecurity at board level. The aim is to reduce this cybersecurity fatigue figure and get businesses more on the front foot and prepared with the correct strategy, awareness, protection & support.
5) Many companies we interviewed in the UK rely considerably on new technology to reduce the level of effort to secure their organisations: 80% rely on automation, 77% on machine learning and 78% on AI.
We need to encourage companies to get more out of what they have already got, and get it connected. We should also remove tools that don’t work together. At the moment new technology such as the above is still in early adoption phase in the UK – but not so much for cyber criminals who are already using these new technologies like AI to execute hacks. We’ve made a good start to utilising these technologies against them, but we need to accelerate this immediately.
Download the 2018 Cisco Annual Cybersecurity Report now to learn more about how cyber criminals are trying to hide their malware, the types of malicious campaigns they are executing, and of course plenty of advice from our threat intelligence experts on how businesses can better protect themselves.
