Brian Jackson - Fotolia
Data has revealed that 96% of UK corporations have seen hackers successfully penetrate their IT systems in an attempt to steal, change or make public important data.
While many firms are actively engaged in policies to safeguard against cyber crime, 9.1% of UK firms have not acted to protect themselves from hacking, a survey has revealed.
The data was gathered in the latest round of the global business outlook survey of global chief finance officers and finance directors, conducted by Grenoble Ecole de Management, Tilburg University and the Fuqua School of Business, Duke University.
In the past year, 90% of large UK organisations reported breaches, up from 81% a year ago, while 74% of small organisations said they had been breached, up from 60% in 2014, according to the government’s 2015 information security breaches survey conducted by PwC.
The majority of UK businesses polled expect breaches to increase further in the coming year. The survey showed 59% of respondents expect to see more security incidents.
While organisations of all sizes continue to experience external attacks, there appears to have been a slow change in the character of these attacks, the survey revealed.
Large and small organisations appear to be more targeted by outsiders, with malicious software affecting nearly 75% of large organisations and 60% of small organisations.
Another recent survey by Pierre Audoin Consultants shows that nearly 40% of European firms have no incident response (IR) plan in place, and only 30% of those with IR plans test and update them regularly.
The global business outlook survey also found that just over half of chief financial officers in the UK indicated that difficulty in hiring and retaining qualified employees is a top three concern, while the second most cited concern was rising wages and salaries. UK companies expect wage hikes of more than 4.5% over the next year. Hiring should stay in line with the 2015 figure.
Read more about incident response
- Study shows shift to spending on threat detection and response is overdue, with nearly 40% of firms admitting they have no incident response plan.
- Organisations hit by cyber attacks often lack an effective incident response plan.
- NIST incident response plan involves four phases enterprises can take to improve security incident handling.
Economic uncertainty poses a risk to only 18% of respondents, while a strong pound is hindering 36% of respondents.
"Wage growth expectations in the UK might become a real concern for companies. As a consequence they might start to rely more on offshore outsourced employees rather than on domestic ones," said Philippe Dupuy, a finance professor at Grenoble Ecole de Management.
Across the whole of Europe, 92% of corporations have been hacked and 23% have not acted to prevent attacks.
In the US, more than 80% of companies indicate they have been hacked, while just more than 85% of firms across Asia, Africa and Latin America admit they have been hacked.
According to the survey report, the main risk for European corporations is still the economic uncertainty and currency valuation. Around 40% of respondents cite volatility in the EU economy as a risk. However, European optimism has risen to the second highest level since 2007. Capital spending growth will be modest, at 1.8%, but employment is expected to increase by more than 2% for the first time since 2011. Salaries should rise by about 2%.
For 65% of the European firms and 62.5% of the UK firms surveyed, the recent change in the value of the euro has not been positive on their business. Some 70% of European firms expect the US dollar to continue to appreciate, compared with 60% of UK firms.