igor - Fotolia
UK firms too confident about cyber security
Three-quarters of UK companies say their cyber protection is above average, and nearly half think they are a “top performer” despite the growth in data breaches
Despite the growth in data breaches, senior executives at UK organisations think their cyber security protection is top-notch, a survey has revealed.
Three out of four executives from UK firms (75%) said their company was better prepared than their competitors – up from 60% a year ago – and 43% said their firm was a top performer, according to the survey by research and consultancy firm Ovum for Silicon Valley analytics firm FICO.
Despite this confidence, only 36% of organisations are carrying out regular cyber security risk assessments.
“These numbers suggest that many firms just don’t understand how they compare to their competitors, and that could lead to a lack of investment,” said Steve Hadaway, FICO’s general manager for Europe, the Middle East and Africa. “When we review firms’ cyber security risk with our FICO Enterprise Security Score, I can tell you that most firms are not above average.”
While this over-confidence was seen across the eight regions surveyed, Canada was the only country where more respondents (44%) said they were a top performer for cyber security protection.
Among UK industries, financial services firms were the most confident of all, with 55% saying their organisation was a top performer, and 41% saying said it was above average.
Telecommunications providers were second, with 42% saying their firm was a top performer. The least confident – or most realistic – respondents were in retail and e-commerce, with 38% saying their firm was a top performer, and just 19% rating it as above average.
“The grave risk posed to our privacy and security demands that firms take an honest view of their protection,” said Hadaway.
Maxine Holt, research director at Ovum, said IT leaders have more funding than ever to protect their organisations from the continuously evolving threat landscape and to meet complex compliance demands.
Read more about cyber security
- Cyber security – why you’re doing it all wrong.
- UK businesses urged to ensure they do cyber security basics.
- Business not learning from past cyber security incidents.
“These same IT leaders are undoubtedly keen to believe that the money being spent provides their organisation with a better security posture than any other – but the rapid pace of investment, often in point solutions, rarely takes an organisation-wide view of security,” she said.
Ovum conducted the survey for FICO through telephone interviews with 500 senior executives, mostly from the IT function, in businesses from the UK, the US, Canada, Brazil, Mexico, Germany, India, Finland, Norway, Sweden and South Africa. Respondents represented firms in financial services, telecommunications, retail and e-commerce, and power and utilities.
Last month, FICO announced that it is offering free subscriptions to the Portrait portal of the FICO Enterprise Risk Suite, which gives businesses access to their FICO Enterprise Security Score. The score, a machine learning-based cyber security rating service, can show organisations how business partners and cyber insurance underwriters see their network security, and can help them to benchmark their performance.