Whilst UK organisations have quick reactions to spotting security breaches in less than a day compared to the global average (46% vs. 34%), there are some vulnerabilities that continue to make them more susceptible to attack. Less than a fifth of UK organisations (18%) are effectively stopping cyber attacks and fixing breaches fast enough to lower their impact – a notably lower percentage of ‘cyber security leaders’ than the US (27%), Singapore (27%) and Italy (22%). Accenture’s recent State of Cyber Resilience report states.
This report highlights the increased pressure businesses are under to support remote and digital environments, leading to a higher risk of attack during the current COVID-19 pandemic. Malicious threat actors are taking advantage as organisations reconfigure their supply chains, offer more digital experiences, and meet the demands of a remote workforce. According to Accenture iDefense, more than 16,000 coronavirus-related domains have been registered since January 2020, which are reportedly 50% more likely to be fraudulent than others.
The findings point to a more isolated approach to cyber security as one reason for the UK’s vulnerability. Thirty-eight percent of security breaches in the UK are a result of indirect attacks through the partner ecosystem, however UK businesses’ approach is less collaborative than others. Only 40% of UK businesses collaborate with strategic partners to test their cybersecurity resilience compared to almost half globally. They’re also less likely to share knowledge of threats with strategic partners (44% vs. 48%) and the security community within an industry (39% vs. 46%).
Also, there’s evidence to suggest that UK businesses are not making the most of the tools available. Over half of global companies (51%) are scaling new security tools across their business, compared to more than two-fifths (43%) in the UK.
Whilst innovation is important, sustaining investments to perform better at the basics is key too. Yet in the UK this is getting less attention, receiving 35% of the budget allocation compared to 39% globally.
Nick Taylor, Security Lead for Accenture UK & Ireland, said: “Our research has uncovered some fundamental vulnerabilities still plaguing UK organisations. These must be addressed now, particularly as the COVID-19 crisis is putting pressure on security teams. Increased remote working will likely become business as usual, requiring teams to scale the security measures they may have temporarily put in place. Resilience teams will also need to build continuity into every operation, and with budgets tighter than ever, they will have to invest wisely and make the most of the tools available. Trying to go it alone and neglecting the basics as we enter this never normal era puts UK businesses at risk of falling behind.”
Speed of reactions
On a more positive note, UK businesses are ahead in spotting breaches, as well as fixing breaches in less than 15 days (53% vs. 47%). In addition, threat actors don’t seem to do as much damage in the UK compared to globally, with 35% of breaches having no impact versus 32% on average worldwide.
“It’s encouraging to see that the UK is ahead when it comes to its resilience, but a more consistent approach is needed,” Taylor continued. “If UK businesses take steps to improve their proactive approach and prevent attacks occurring in the first place, by making a concerted effort to collaborate and train further, then there is no reason why the country could not soon set the standard globally for cybersecurity.”
All in all a mixed bag, but at least the report makes clear the areas of improvement that are needed to strengthen cyber security in the UK and the weaknesses that need to be redressed.
If you want to find out more about IT Security try https://itsecuritycentre.co.uk.
Do you find this article useful? Comment below...