Cyber Attack | Data Breach

Published on January 24th, 2016 📆 | 1859 Views ⚑


More than a third of UK cyber security pros say their companies were attacked in 2015
More than a third (36 per cent) of UK cyber security professionals said that their business was hit by an IT security incident in 2015, according to a survey of nearly 200 IT security professionals by recruitment firm Harvey Nash.

In contrast, at Computing's Security & Risk Management Summit 2015, 85 per cent of  delegates said that they had been attacked in the last year, with 13 per cent stating they had been attacked in the last three months.

[adsense size='1']

In its survey, Harvey Nash found that most senior information security professionals (73 per cent) reported that phishing or social engineering were the form of attack, while 53 per cent reported a virus or malware outbreak. Almost a quarter (24 per cent) of information security professionals said that their firms had experienced a denial-of-service or distributed denial-of-service (DDoS) attack. Some of the findings echoed the results of Computing's own in-depth research.

According to Harvey Nash, in more than half (56 per cent) of these security incidents, there was a loss of revenue or profit, and in more than a third (35 per cent) a loss of customer confidence inflicted "less tangible but equally serious damage".

In the same report, Harvey Nash reveals that 73 per cent of senior information security professionals rate a lack of a security-aware culture as most critical to information security success.

"It appears that more lip service is being employed than actual experts on the ground who can deliver information security cultural change," said Stephanie Crates, head of London information security practice at Harvey Nash.

[adsense size='2']

However, this doesn't mean that organisations aren't trying to get up to speed; 89 per cent of senior information security professionals say their organisation is committed to developing and maintaining an information security-aware culture. Incidentally, seven per cent said that their organisation was not committed to do this, while four per cent said they didn't know.

The report also found that 45 per cent of cyber security professionals believed that their board of directors have a major gap in their understanding of cyber risk, or don't understand the risk at all. Many IT security pros felt the same way about CEOs, CFOs, CMOs and COOs.

Comments are closed.