On Wednesday, 19th October, we launched our State of Cyber Security in the UK report. We’ve been working on the report for a while now, so it was great to finally be able to release it into the wild.
The launch event was a great opportunity to discuss the results of the survey with our customers, contacts and colleagues.
And the survey says…
Together with Oxford Economics, a leader in global economic forecasting and econometric analysis, we surveyed 500 UK cyber security decision makers to find out what challenges they face. And to investigate how they approach cyber strategy for their organisation.
In short, we found out a huge amount of really useful data. You can see a detailed breakdown in the full report. But some of the headlines were:
- organisations suffered even more security incidents than we expected
- industry leaders do not feel confident in their ability to handle threats
- recruitment and expertise are proving major obstacles for organisations seeking to protect themselves from emerging cyber security issues
- skills shortages are affecting almost half of all organisations.
We wanted our launch to make a splash. So we put together a really interesting panel with our chief exec, Reece, acting as the compère.
- Sam Sorrell, Cyber Security Lead at iomart
- Stuart Avery, Cyber Security Lead at e2e-assure
- Steven Peake, Director of Systems Engineering UK & Ireland at Barracuda
- Navaid Khan, CTO for Service Providers at Cohesity.
Cyber security insights on the day
After our very own Sam Sorrell talked us through the main findings of the report, we opened the discussion to the floor and there was some really interesting discussion.
Some of the topics we discussed included:
- Risk can’t be outsourced – unfortunately, in the modern world, risk of cyber breach is something organisations just have to deal with. And the temptation is to pass that risk off to an external partner, supplier or technology. But the buck will always ultimately stop with those in charge of the overall cyber strategy. So cyber security is now a board level issue. The stakes are too high for it not to be.
- The threat landscape is more complex than we’ve seen before – Organisations tend not to have one centralised office location anymore. That means individuals accessing the network from a range of different locations – some more secure than others. When combining this with the increase (in number and effectiveness) of threat actors, it makes for a challenging position.
- The number of tools is confusing – Google cyber security solutions and you’ll be bombarded with all sorts of technology and services promising a silver bullet solution. But in truth, such a thing does not exist. A more holistic approach is required that focuses on the right balance of people, process and technology.
- A strong recovery plan is vital – If the report showed anything, it demonstrated that the likelihood of suffering a breach has greatly increased in recent years. More and more organisations are recognising that having a robust recovery plan in place – if the worst does happen – is just as important as having effective preventative measures.