Nearly two-thirds of UK citizens back pre-emptive cyber strikes on foreign states that pose a credible threat to national security, a survey has revealed.
However, 46% of those believe it depends on the level of threat posed, according to a poll of 1,000 people by OnePoll for security information event management firm LogRhythm.
Some 45% of all respondents believe the UK government needs to step up its protection of national assets and information against cyber security threats; 42% think the threat of international cyber war and cyber terrorism is something that needs to be taken very seriously.
Only 18% considered pre-emptive attacks on enemy states to be unjustified.
Just 10% said the government is doing enough to protect the nation from cyber security threats.
“The issue of international cyber espionage, as well as the development of increasingly malicious malware such as Flame, Gauss and Stuxnet, have unsurprisingly started to seep into public consciousness – leading to increased calls for urgent action,” said Ross Brewer, vice-president and managing director for international markets at LogRhythm
“However, after any security incident there is usually much speculation and uncertainty of the origin. As such, the typical knee-jerk reaction of blindly attacking the networks of potential perpetrators could incite disturbing consequences, such as the execution of even more sophisticated attacks on the UK’s critical infrastructure,” Brewer said.
Read more about cyber security
Public concern for personal data
The research also provided an insight into public concern about the security of personal data.
Most of those polled (80%) do not trust organisations to keep their data safe, ranking social networks and gaming sites the least trustworthy organisations.
Some 65% of respondents believed organisations across all industries are not doing enough to keep their data safe; and 41% feel it is inevitable their data will be compromised by hackers.
Brewer said comparing the results to a similar survey in November last year indicates that, despite efforts to reinstate consumer confidence in data protection, too many organisations are failing.
“Since 2011, the same percentage of respondents had concerns over the ability of organisations to safeguard their data – suggesting we could have reached a plateau of distrust,” he said.
Data breach aftermath
The latest survey found that if an organisation is compromised and personal data is put at risk, 67% would like to be told immediately, while only 18% were willing to wait until after the breach had been investigated.
In terms of the penalties handed to organisations found to have lax security, 45% believe they should be punished more severely, with 25% claiming that penalties are handed out unevenly across different organisations and industry sectors.
Brewer said businesses and government organisations clearly need to do more to reassure consumers that they are capable of handling personal information with the appropriate care.
“There is still a frustrating over-reliance on perimeter defences, despite the fact that they have repeatedly proven inadequate in securing IT systems, and this must change,” he said.
Brewer said it is essential organisations make better use of the data generated by networks so potential threats can be identified before they have a chance to escalate.
“As cyber threats increase in severity and complexity, organisations need to really understand the difference between ‘normal’ and ‘abnormal’ behaviour across every dimension of their electronic enterprise. Only then can they truly fight fire with fire,” he said.