Home News 36% of Security Leaders in U.K. Flout Data Breach Disclosures to Avoid...

36% of Security Leaders in U.K. Flout Data Breach Disclosures to Avoid Blame

Keeper Security’s 2021 Cybersecurity Census Report revealed that 36% of security leaders in the U.K. are not disclosing security incidents citing various reasons.

CISO, Cybersecurity

Cybersecurity is a booming industry in the U.K. However, despite rising awareness on several cybersecurity challenges, most organizations are shying away from disclosing security incidents as they happen. According to a recent analysis from Keeper Security, nearly 36% of senior security leaders admitted that they kept a cyberattack to themselves as a business secret. Keeper Security is a cybersecurity firm that helps organizations in preventing password-related data breaches and cyberattacks.

In its “2021 Cybersecurity Census Report,” the company revealed that most businesses in the U.K. are not ready to counter the rising cyberattacks. While cybercrimes are becoming more frequent and sophisticated by the day, organizations are simply avoiding data breach disclosures rather than boosting their cybersecurity standards. Loss of customer trust, brand value, business, and penalties were the most cited reasons for organizations not revealing security breaches.

Key Highlights:

  • Nearly 92% of businesses in the U.K. suffered a cyberattack last year and 78% admitted that they are unprepared to protect against cyberthreats.
  • Around 31% of organizations believe Chief Technical Officers (CTOs) should take responsibility in the event of a cyberattack.
  • While 66% of businesses have relaxed their cybersecurity policies last year due to remote work, 58% of employees don’t know the aftereffects of poor cyber-hygiene.
  • Over 32% of security leaders admitted to using weak credentials such as “password” or “admin” to protect their data.
  • Nearly 87% of IT leaders stated that the U.K. government must make organizations accountable for best security practices.
  • More than 90% believe that U.K. businesses should be legally required to have basic cybersecurity measures in place to protect against security incidents.

Cybersecurity Must Be Prioritized

Despite the threat of multiple attack vectors in the country, 28% of the organizations did not consider boosting cybersecurity as a top priority. While 92% of organizations in the U.K. are aware of security gaps in their cybersecurity defenses, only 40% are actively addressing them.

“The U.K. businesses are worried about their cybersecurity and, as our report has found, the challenges are manifold, affecting everything from budgets to productivity. While there is a desire to boost security efforts, companies are facing many competing challenges right now and, understandably, might not always make cybersecurity investments a priority. Our report is an urgent reminder for organizations to proactively address their cybersecurity challenges as a priority since deferring them will make the consequences far more severe,” said Darren Guccione, CEO & co-founder, Keeper Security.

“While this situation can’t be rectified overnight, there are straightforward steps U.K. businesses can take to boost their cyber defenses. First, organizations should do a comprehensive cybersecurity audit, looking at where the gaps lie and how they can be addressed. Next, they need to put in place a clear plan of action for how to address these challenges. Running cybersecurity training sessions to educate employees and introducing a password management platform to keep credentials safe and secure are two simple yet highly effective actions businesses can take today, to be better prepared against cyberattacks tomorrow,” Guccione concluded.