UK Companies Have ‘Distorted Understanding’ Of Cyber-Security
In this day and age, it is impossible for business owners to ignore the significance of the internet with cybercrime rates growing just as quickly as the positive developments of the digital world.
A joint study by LogRhythm, Gigamon and Forescout Technologies – three tech firms with respective backgrounds in security intelligence, traffic visibility and the Internet of Things – surveyed 2,000 IT professionals working for UK companies about their concerns relating to data security and their history of previous breaches.
44.45% of the survey’s participants expressed confidence that their company has never suffered a data breach, while 43.65% admitted they have suffered a breach, and 11.9% said they did not know. LogRhythm’s Ross Brewer says the number of people who claim never to have encountered a problem is in sharp contrast with what industry analysis.
“The 45% that say no, they are either not willing to admit the fact that they had a breach or they just don’t know because they don’t have the visibility”, he said.
The accuracy of the companies’ understanding of how long it took for their cyber breaches to be discovered was also doubted by the study, with almost 33% of participants claiming the hack was uncovered immediately and 28% saying they learned about the attack within a month. The validity of this claim was disputed by Gigamon’s Trevor Dearing, who doesn’t believe most companies have complete visibility.
“Many of them claimed that they were able to detect in one day 100% of the threats and attacks that they saw on that day, but the reality is that they were only able to detect those that they had seen,” he said.
The difference between what is perceived to be happening and what is actually happening could be misleading business owners into missing vital signs of an attack, the group warned.
Overconfidence in your company’s risk level could lead to unnoticed attacks. Contrary to popular belief it is not only banks that are at risk of a hack, but SMEs and any other company whom hackers believe they can extort money from.
General cyber awareness is improving, however, as companies realise that outdated methods such as antivirus software and firewalls need to be replaced with a combination of more advanced security software, full network visibility, and dedicated cyber insurance which could provide financial security in the event of an otherwise costly attack.