Companies expect cyber threats to increase, but are not ready for it

It’s no secret that cyber attacks are becoming increasingly sophisticated, while at the same time increasing in number and scale. Research from the Business Continuity Institute shows that cyber threats have increased in severity over the past year, with 75% of respondents reporting an increase in breach attempts and 39.4% having fallen victim to a successful cyber attack.

And this worrying trend is only expected to increase. In fact, our own research shows that as many as 70% of UK business leaders expect their organizations to be hit by a cyber attack within a year.

But despite these concerns about the near future, the same survey shows that only 35% of these leaders believe they are adequately prepared for such an incident. It is clear that there is a significant gap between the perceived risk of cyber threats and the level of preparedness of national companies.

So as the digital threat landscape continues to evolve, UK businesses find themselves in an increasingly delicate position when it comes to cyber security. The growing number of incidents facing modern businesses is well documented in today’s headlines, leaving organizations in no doubt that this is a serious issue that should be top of mind for every business.

How can companies in this landscape gain more confidence in their ability to defend themselves against modern cyber threats?

Christian Reilly

CTO EMEA at connectivity cloud company Cloudflare.

Growing cyber threats: a reality for UK businesses

The gap between the expected risks of cyber attacks and the willingness of companies to tackle them speaks volumes about the current state of cyber security in Britain.

This discrepancy is not a matter of ignorance, but of trust – or lack thereof. With almost half (48%) of UK organizations reporting a cyber security incident in the last year according to our data, the threat is very real, and the same research shows that Britain now has the unfortunate title of being the most targeted in Europe . . And yet only one in three business leaders feel they have the necessary defense mechanisms in place. This points to a crucial problem: while awareness is growing, actual preparedness remains worryingly low.

This is despite the real consequences that can be expected if a company experiences a breach.

An incident can not only have serious consequences for the company itself, but also have a negative impact on your employees and customers. Whether it’s financial losses, regulatory fines or reputational damage, the stakes are high when it comes to the lack of robust defense mechanisms. For example, in September 2023, MGM Resorts International suffered a devastating ransomware attack that cost the company an estimated $100 million – equivalent to approximately £76 million. A cyber attack is a devastating blow to any business, but lessons can be learned when an incident like this makes headlines.

Learning from experience

What stands out from the Cloudflare data is that sectors with higher attack rates, such as IT and technology, report feeling better prepared for future incidents. This makes sense: experience breeds resilience. This confidence also likely stems from industries’ early adoption of advanced cybersecurity tools and practices, equipping them to address the evolving threat landscape.

SolarWinds is a great example of a company that has taken significant steps to overhaul its security practices after a breach – and emerge stronger. The company improved its software development process with the Secure by Design principle, adopted a Zero Trust architecture and increased transparency by communicating openly with customers and regulators. SolarWinds also worked with cybersecurity experts to continuously improve their defenses, while contributing to industry-wide efforts to strengthen software supply chain security. These actions have helped the company recover, educate the wider industry and become more resilient to future cyber threats.

But while the IT and technology sectors are better prepared for such an incident, others are left behind. Sectors such as education and healthcare, which have suffered fewer attacks in the past 12 months, are showing shocking levels of complacency. With our data showing that only 19% and 18% of these sectors feel prepared for an attack, one has to wonder: are they playing a dangerous waiting game?

Just because companies have been lucky enough to avoid an attack so far doesn’t mean they will be immune in the future. And the sectors that have not yet had to deal with a cyber attack are worryingly underprepared. A report from Microsoft and Goldsmiths, University of London shows that only 13% of UK businesses are resilient to cyber attacks, with 48% considered vulnerable and the remaining 39% facing high risks. Given the sensitive nature of the data processed in industries such as healthcare, a significant cyberattack could have devastating consequences. And as cyber threats become more sophisticated and frequent, hope is no longer a strategy.

Cybersecurity as a catalyst for business modernization

Despite the challenges posed by the growing threat of cyber attacks, there is a positive shift in the way business leaders approach cybersecurity. Our research shows that more than two-fifths (44%) see it as a driver of modernization, while the same percentage see it as a key to getting boards to invest in essential projects.

According to a report from Aviva, attitudes towards cyber security are changing, with more and more companies recognizing the importance of robust defenses against potential threats. The company’s data shows that concerns about cyber attacks have increased from 40% to 57% since 2020.

This evolving perspective is encouraging because it suggests that organizations recognize the strategic value of strong cybersecurity measures. It emphasizes the recognition that robust defenses can provide more than just protection: driving innovation, streamlining operations and improving overall efficiency, and providing opportunities for operational improvements and data protection. This forward-thinking approach turns cybersecurity from a defensive necessity into a strategic advantage.

By integrating cybersecurity into decision-making at the highest levels, rather than treating it as an afterthought, companies are positioning themselves to thrive in an increasingly digital world.

The need for proactive cybersecurity measures

In an era where digital risks are rapidly evolving, companies must invest not only in cutting-edge technologies, but also in fostering a culture that treats cybersecurity as a strategic priority. Simplified, consolidated solutions are critical, but without the right mindset and commitment to continuous improvement across the organization, they will fall short.

Every company, regardless of industry, must recognize the evolving threat landscape and take proactive steps to mitigate risk. It’s time for every company to recognize that preparedness is more than just a checklist; it is a mission-critical part of modern business strategy. Rather than being a reactive measure that is dusted off after a breach occurs, cybersecurity should be considered a proactive, central part of any organization’s future-proofing plan. UK businesses are waking up to the reality of cyber threats – now they need to ensure they are ready to tackle them.

We reviewed the best identity management software.

This article was produced as part of Ny BreakingPro’s Expert Insights channel, where we profile the best and brightest minds in today’s technology industry. The views expressed here are those of the author and are not necessarily those of Ny BreakingPro or Future plc. If you are interested in contributing, you can read more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Related Post