lolloj - Fotolia

Cyber security not a priority for most sectors, study finds

Despite data breaches costing UK firms nearly £30bn in 2016, cyber security is still not a priority for most UK industry sectors, a study has revealed

Cyber security is a high priority for just 60% of directors or senior managers in the finance and insurance sector, according to an analysis of data from 1,500 firms by commercial property agency Savoy Stewart.

The proportion of executives who rate cyber security as a high priority is lower in all other sectors, with the lowest being the hospitality and food sector, where just 15% see cyber security as a high priority.

Besides finance and insurance, the sectors above the average are education, health and social care (49%); information, communication and utilities (42%); professional, scientific and technical (39%); and retail and wholesale (39%).

Above the hospitality and food sector on the lower end are manufacturing (31%); admin and real estate (28%); construction (23%); transport and storage (23%); and entertainment and service (21%).

This is despite the fact that cyber security has featured increasingly in mainstream media because of several high-profile data breaches and the fact that millions of UK firms are being hit by cyber attacks.

According to research by business internet service provider Beaming, 2.9 million UK firms suffered cyber security breaches in 2016, costing them an estimated total of £29.1bn.

According to security professionals consulted by networking hardware company Cisco, the operations of an organisation (36%) are most likely to be affected by any potential cyber attack.

After operations, the most likely to be affected are finances (30%), brand reputation (26%), customer retention (26%) and intellectual property (24%).

Read more about data breaches

However, the Savoy Stewart analysis revealed that 90% of UK firms do not have an incident management plan in the event of a cyber attack or breach.

“Cyber security cannot be ignored as the implications of a cyber attack or breach can be detrimental to any company’s reputation and finances,” said Matthew Yates, a senior IT consultant.

“Key decision-makers therefore need to put an emphasis on cyber security by placing it at the top of their agenda.

“In doing so, they can effectively improve their cyber protection against potential threats. More importantly, establish a company-wide precedent on embracing cyber security and its everyday importance.”

Darren Best, managing director of Savoy Stewart, said that with cyber threats only likely to increase, businesses cannot afford to be complacent.

“Business leaders cannot afford to be just concerned or treat it as another risk management exercise, but instead need to understand, carefully manage and thoroughly assess the security of their IT estate to continually get their basic defences right,” he said.

Best added that adequate governance and employee education on cyber security can go a long way to protect a business’s key capabilities and functions. ....................................................................................................................

Read more on Hackers and cybercrime prevention