- 53% of businesses surveyed by EY say their cyber security budget has increased over the last year
- Two-thirds of businesses cite ‘customer personal and identifiable information’ as the most valuable asset to protect
- The average spend on cyber security for businesses in the UK is £4,590 per year
In an age of technology, cyber-attacks are becoming more prevalent, more frequent and more threatening than ever before. Now that the majority of institutions, particularly in the financial sector, are opting to transform their operations via new digital channels, automation and other advanced technologies, the dangers to companies are significantly heightened.
As a result, Turnerlittle.com sought to find out how cyber security threats have increased in recent years, and what companies are, and should, be doing to prevent cyber-attacks.
With the sudden increase in the frequency and scope of cyber-attacks around the world, new and impending regulations, have already prompted some of the financial sector’s biggest names to review their cyber security plans. In a recent Ernst & Young report, Turner Little found that more than half of respondents (53%) say their cyber security budget has increased over the last year.
Cyber security is becoming a number 1 priority for businesses
In 2018, many companies understand that cyber security is a major risk, perhaps even the number one priority; particularly for technology-heavy companies. Cyber risks are constantly changing and are difficult to keep up with, which can be destructive. Unfortunately, no business can completely protect itself from a cyber-attack, but they can implement plans and strategies to help prevent breaches from occurring.
For many companies, customer data is paramount, with a staggering 65% of businesses citing customer personal and identifiable information as the most valuable asset to protect, while 36% cited customer passwords.
Turnerlittle.com found that these were followed by:
|• Company financial information –||•||Patented intellectual property (IP) –|
|• Corporate strategic plans – 18.4%||•||R&D information – 9.6%|
|• Senior executive/board member||•||Non-patented IP – 8.3%|
|personal information – 15.1%||•||Supplier/vendor identifiable|
|• Information exchanged during M&A||information – 4.2%|
|activities – 11.5%|
Turnerlittle.com found, at present, there is a shortage of individuals with the skills and know-how to deal with cyber security threats in business. Turner Little’s analysis of EY’s report can reveal that at all levels, there is a lack of training regarding how cyber risk should be handled in day-to-day business life.
Companies must increase cyber security awareness training, whilst instilling an understanding of how cyber risks can impact different roles and individual projects, as well as harming overall businesses (e.g. impacting corporate reputation, business acquisition and client retention).
Analysing a 2017 report by Gov.uk, Turnerlittle.com found that, over the last 12 months, some businesses are trying to offer cyber security training, either internally or externally. Although, from the report, Turner Little concluded that training must be more accessible.
The following companies pursuing cyber security training:
|•||Small firms – 25%||•||Within finance/insurance – 49%|
|•||Medium firms – 43%||•||Within info/|
|•||Large firms – 63%||communications/utilities – 41%|
Of these companies, the employees who attend the training courses varies. Unsurprisingly, IT staff had the highest attendance (79%), followed by directors or senior management staff (59%), staff members whose job role includes information security or governance (47%) and other staff who aren’t cyber security or IT specialists (29%).
The ‘cost’ of a cyber breach is more than just money…
Turner Little found that cyber security can be expensive for companies; particularly those that are deemed “small”. According to Gov.uk, the mean spend on cyber security of all businesses in the UK is £4,590, and for large businesses, the mean spend reaches a staggering £387,000.
However, it is worth it in the long run, as Turner Little found that the average cost of breaches to all businesses in the UK reached £1,570 in the last 12 months – and £19,600 for large firms.
James Turner, Managing Director of Turnerlittle.com commented:
“Cyber security is something every business must be investing in. In this day and age, with the increases in technology and software, businesses are constantly under attack from hackers – both big and small. It is vital companies assess their cyber security plans continuously to ensure all data is secure.”
He added: “Despite the cost, it is important to ensure that all employees understand how dangerous cyber breaches can be, and what their costs are – particularly in larger firms where the aftermath can be highly detrimental to the company’s reputation and client retention.”