The Cyber Security Breaches survey 2016 indicates that less than 50% of UK companies take the necessary measures to identify cyber risk.
Furthermore, it reveals that 51% of medium and 65% of large firms experienced a cyber security breach in the last 12 months. This is despite the fact that 69% say cyber security is a high priority for their organisation’s senior management.
The survey also shows that 68% of all cyber attacks/breaches were due to malware/virus/spyware, while 32% were the result of impersonation of the organisation (probably from a type of phishing attack).
Since seven out of ten attacks could have been prevented, the survey highlights that cyber security is ‘an issue that affects virtually all UK’, but that businesses have not yet taken appropriate actions to manage the risk of compromised cyber security.
Under the incoming EU General Data Protection Regulation (GDPR), companies will be required to report data breaches within 72 hours of becoming aware of them, unless there are exceptional circumstances, which will have to be justified.
This places a significant burden on businesses to start implementing the appropriate measures to improve their cyber security, with the Regulation becoming law as early as May 2018.
Implementing an information security management system like ISO/IEC 27001 is the most effective way of reducing your exposure to cyber risks.
Free download: Reduce your cyber risk with ISO 27001
You can read more about how ISO 27001 can reduce your cyber risks and the ten critical ingredients for improving your cyber security posture by downloading our green paper now.