New report reveals global lack of confidence in cyber security

Almost half (45 per cent) of business leaders around the world are not confident about their organisation’s cyber security measures, according to new research.

Cisco has released its 2016 Annual Security Report, which shows that a significant number of global firms may be unwittingly putting themselves at risk of a cyber attack simply due to the fact that they are unsure exactly what they need to be doing when it comes to protecting their assets.

At the same time, recent research from Aviva has led to the discovery that two in five companies do not believe they are at risk of being a victim of cybercrime, suggesting a somewhat blase attitude to the subject.

Poor knowledge

The Aviva report found that under one-quarter (24 per cent) of businesses are actively taking steps to protect their data and documents from being subject to a cyber attack. This is despite the fact that the latest figures from the UK’s Office for National Statistics show that there were 2.5 million incidents of cybercrime recorded in the country between May and August 2015 alone.

Aviva discovered that a large number of business leaders had not even heard of some of the most common forms of attack, with one-third unaware of hacking, one-quarter unfamiliar with the term phishing and just under one-third not aware of the dangers of identity theft.

What’s more, 34 per cent of respondents said they would not know what to do if they were a victim of cybercrime, while a further 27 per cent admitted to being unsure of the correct protocol.

The consequences of a cyber attack can be severe. Hacks of this kind are becoming increasingly high-profile, meaning a brand can suffer lasting reputational damage and lose a significant number of customers following a breach.

Statistics from Aviva revealed that the cost of recovering from an IT security breach could reach up to £10,000 for a small business, indicating that the sum needed to bounce back from such an attack could potentially come in the millions for bigger firms.

In fact, TalkTalk’s highly-publicised data breach in 2015 cost it in the region of £60 million. If that figure doesn’t influence firms to invest in improved cyber security, it’s difficult to know what will.

Lack of confidence

Despite this, Cisco’s research shows that businesses that invest in measures to protect their computer systems and data are not necessarily confident with the steps they take.

While 45 per cent of chief executives say they do not have faith in their cyber security strategy, 92 per cent admit that they expect proving their credentials in this area will become a standard industry requirement in the near future. This indicates that a greater number of firms will be taking action to protect themselves against cybercrime in the coming months.

Yet the research also showed that between 2014 and 2015, there was a ten per cent decline in the number of businesses reporting that their cyber security infrastructure was up to date.

This was despite Cisco discovering that the nature of cyber attacks is constantly changing. For example, figures show that the number of hackers using WordPress domains increased by a huge 221 per cent between February and October 2015 alone.

What the experts say

John N Stewart, senior vice-president and chief security and trust officer at Cisco, commented: “Security is resiliency by design, privacy in mind and trust transparently seen. With the Internet of Things and digitisation taking hold in every business, technology capability must be built, bought and operated with each of these elements in mind. We cannot create more technical debt. Instead, we must meet the challenge head on today.”

Angus Eaton, managing director of commercial lines at Aviva, added: “Protecting your business from cybercrime is good business because your customers want the reassurance that their data is safe in your hands.

“If you haven’t done so already, now is the time to put cyber risk on your agenda and take action to help prevent your business becoming a target.”

Impact on cyber security recruitment

With this in mind, it is now more important than ever for businesses to increase their spend on cyber security.

Demand for experts in this area is constantly growing, with many firms offering competitive salaries for specialists so that they can gain access to the best possible skills.

Recruitment in this field is only set to keep increasing, particularly as cyber attacks become more elaborate and firms need to stay ahead of the game to remain competitive in today’s increasingly digital world.

Our Market Reports combine a review of the prevailing conditions in the security recruitment market with the results of a comprehensive compensation survey, covering both permanent and contract security practitioners.

Image: iStockPhoto