Looking at the headlines around cyberattacks and security breaches, we’d be forgiven for thinking that organisations face an insurmountable cybersecurity task. However, when we delve deeper into the UK cybersecurity landscape, a more nuanced picture emerges. In fact, there is a real sense of positivity on the horizon when it comes to UK organisations’ assessment of their ability to detect and defend against cyberattacks. Despite the knowledge that the volume and complexity of attacks they’re facing continue at a sustained high level, our latest UK Threat Report found that more than three quarters of UK organisations felt more confident in their ability to repel cyberattacks than they did twelve months previously.
Supporting this sense of confidence, we also found that investment in cyber-defence is holding up well, with 93 per cent of UK organisations surveyed saying they plan to increase cybersecurity spending. Nevertheless challenges remain, not least in the fact that despite this growing confidence 84 per cent of UK organisations surveyed said that they had suffered at least one data breach in the past twelve months caused by an external cyberattack. Here are four more things we learned when we asked 250 UK CIOs and CISOs about the threat landscape they face in the final quarter of 2019.
1. Despite growing confidence, the attack landscape remains severe
Eighty-four per cent of organisations said the volume of attacks they face has increased, while nine in ten said that these attacks had become more sophisticated. Globally, we found a sharp rise in the prevalence of phishing attacks as the attack type most likely to result in a data breach, and this was reflected in the UK where it was the cause of 33 per cent of breaches. In fact, this figure had jumped from 20 per cent in our January 2019 report. This global trend is a clear sign that attackers are going after the weakest link – end users. This is also a factor in the increase reported in breaches caused by ransomware, which jumped as a cause of successful breaches from 14 per cent in January to 20 per cent.
This focus on user-related breach vectors may also indicate that defenders are succeeding in making organisations a harder target for more direct malware-led attacks. The study found that the percentage of breaches caused by process failures and out of date security halved during the period from January 2019. This is another sign of a maturing approach to cybersecurity, where controllable factors are now a key focus.
2. Reputational damage outweighs financial impact when breaches happen
Given the high profile of regulatory changes in the past eighteen months, it is not surprising that 72 per cent of businesses reported suffering reputational damage as a result of a data breach. The public is now much more aware of the risks and responsibilities that organisations bear around data protection and quick to lose trust in those who appear negligent. Perhaps more surprising is that the percentage reporting financial impacts from breaches was only 35 per cent, lower than the global average of 44 per cent. In fact, more than half (54.5 per cent) of UK organisations said there had been no financial impact from the breach at all. At this stage it seems that organisations don’t see monetary loss on the same scale as reputational damage.
3. Emerging technologies and cyber-skills scarcity are cause for concern
Looking to the coming year, the research found a significant level of concern in the UK about how emerging technologies such as 5G and fast-paced digital transformation projects are going to create cyber-risk. In line with global sentiment, nine in ten respondents said they had concerns, which ranged from the potential for new and more destructive attack types to the difficulty in gaining full visibility over new projects and technologies. Almost a quarter (25 per cent) said that they would need a bigger team to cope with these threats. However, recruiting staff with the necessary skills is a growing problem, with 55 per cent of UK organisations saying the recruitment climate had grown more challenging in the past twelve months. Looking overseas to plug the gap is unlikely to be a solution as the situation is even more difficult globally – an average of 61 per cent of businesses worldwide said recruiting the right skills has become more difficult.
4. Threat hunting is firmly on the agenda
Ninety per cent of UK companies surveyed said that threat hunting had strengthened company defences and thirty per cent had found significant evidence of malicious activity. This is almost double the sixteen per cent who found significant evidence of malicious activity in January 2019. While this may be in part due to increasing levels of cyber-threat activity, the high percentage increase indicates that threat hunting is becoming more effective, as defender skills and experience increases.
A stronger outlook for UK cybersecurity
Taken together, these research findings indicate a maturing approach to cybersecurity as UK businesses adjust to the “new normal” where high volume, sophisticated cyberattacks are a factor of doing business. Organisations are locking down the controllable factors such as process weakness and out of date security, while at the other end of the scale they are proactively threat hunting. This is building defender confidence and power, as businesses get smarter about identifying where the risks lie and what tools they can deploy to mitigate them. While new challenges loom on the horizon, the cybersecurity community in the UK is now better-positioned and more confident to meet and defend against them.
Rick McElroy, Cybersecurity Strategist, VMWare Carbon Black