Organisations are beginning to acknowledge the threat of data breaches, but they aren’t doing enough to prevent them, a UK government report has found.
According to the Cyber Security Breaches Survey 2018, 74% of businesses and 53% of charities say that their organisation’s senior management considers cyber security a high priority, but only 30% of businesses and 24% of charities said board members or trustees have any kind of cyber security responsibility.
The desire to prioritise cyber security shouldn’t come as a surprise – not least because 43% of surveyed businesses said that they were breached in the past 12 months. But if organisations want better cyber security, they actually need to treat it as a priority.
Lax information security practices
Not only do senior staff take responsibility for cyber security but 20% of businesses and 38% of charities said they never update their senior managers on cyber security issues. Likewise, only 20% of businesses and 15% of charities have conducted internal or external cyber security staff awareness training in the past 12 months, and 10% of businesses and 22% of charities report a cyber security skills gap in their organisation.
One potential positive is a reported year-on-year increase in the number of businesses that update their senior staff on cyber security issues every day – but that was a modest jump from 4% to 8%.
What you should be doing
Prioritising cyber security means investing in products and processes that help you identify, defend against and mitigate the damage of cyber security attacks. There are countless solutions to choose from, but you don’t have to break the bank to get secure.
IT Governance provides a host of free resources to help your organisation become #BreachReady. Find out what your organisation should be doing, as well as guidance on which products and services can help you meet your needs.