UK companies left in the dust by Americans when it comes to cyber security

UK companies are being left behind in cyber awareness by their US counterparts, according to research carried out by Vanson Bourne and commissioned by BT.

Despite recent government initiatives to boost awareness of the need for cyber security, such as the latest "Cyber Streetwise" campaign, Just 17 per cent of UK IT decision makers said cyber security was a major priority for their organisation, compared with 41 per cent in the US.

That's still nothing compared to cyber security experts Brazil, where 52 per cent of respondents reported that their organisation is treating cyber attacks as a major threat.

The worrying trend looks set to continue, as UK companies spend less per year on training decision makers and increasing awareness around cyber risk.

The survey found that it's not scurrilous rogue states, trained teams of cyber criminals or even hacktivists that have organisations the most worried – it's their own employees.

Organised crime is seen as a cyber-threat by 53 per cent of those who responded to the survey, while 45 per cent fear cyber espionage from governments and nation states. Thirty-nine per cent perceived cyber terrorism to be a risk to their organisation. Some 65 per cent of respondents worldwide reported that non-malicious insider threats such as accidental loss of data were the biggest cyber threat.

"The research provides a fascinating insight into the changing threat landscape and the challenge this poses for organisations globally," said Mark Hughes, CEO of BT Security.

"The massive expansion of employee-owned devices, cloud computing and extranets, have multiplied the risk of abuse and attack, leaving organisations exposed to myriad internal and external threats – malicious and accidental."

US businesses are far outstripping their UK partners, according to Hughes.

"US businesses should be celebrated for putting cyber security on the front foot," he said. "The risks to business are moving too fast for a purely reactive security approach to be successful. Nor should cyber security be seen as an issue for the IT department alone."

"As the threat landscape continues to evolve, CEOs and board-level executives need to invest in cyber security and educate their people in the IT department and beyond. The stakes are too high for cyber security to be pushed to the bottom of the pile."