A recent survey revealed that more than half of the companies in the United Kingdom were experienced a security incident over the past 12 months. According to a survey from data security firm Clearswift, around 70 percent of financial firms in the UK reported security incidents last year, in which half of the incidents occurred due to internal errors.
The research, which surveyed 100 senior business decision-makers from financial organizations in the UK, highlighted that most of the attacks have originated due to employees who failed to follow proper data protection policies.
Apart from employees’ errors, the survey also revealed other reasons, that led to attacks, including downloads of Malware or Viruses from third-party devices like USBs, and file transfers to unsecured sources.
“The financial sector is the lynchpin of the UK’s economy and a vital part of our nation’s Critical National Infrastructure, so it is alarming to see such high numbers of security incidents within financial organizations,” said Guy Bunker, CTO, Clearswift. “Unfortunately, in this day and age, it’s a case of ‘when’ not ‘if’ a firm is breached, so the financial sector needs to shift gears and speed up the innovation and deployment of effective data protection and threat mitigation strategies.”
“Cybersecurity needs to rapidly evolve, and the budgeting process should take this into account – the threat which can bring down a company may not have existed three months ago. Financial organizations need to be able to respond immediately in order to protect their reputation,” Bunker added.
A similar research from business and financial adviser Grant Thornton UK LLP discovered that cyber-attacks are a present danger for businesses in the UK. The research report, named Cyber Security – the Board Report, stated that the businesses are not prepared to manage the cyber risks.
Grant Thornton stated they surveyed over 500 UK mid-market companies, in which half of them reported losses of up to 10 percent of their income over cyberattacks. The research revealed that 63 percent of the companies don’t have a cybersecurity team. Only 36 percent stated that they’ve provided cybersecurity training to their employees. And more than half of the businesses (59 percent) don’t have a cyber incident action plan, according to the research.