Skip to main content

British firms still don't have cyber resiliency plans in place, despite GDPR

(Image credit: Image Credit: Evannovostro / Shutterstock)

Most IT decision makers expect a serious cybersecurity incident at their company, yet they’re not doing much about it, despite it being a central part of GDPR.

Latest reports from Vanson Bourne says 51 per cent of IT decision-makers see a negative business impact from an email-borne cyberattack as an ‘inevitability’, yet 52 per cent don’t have a cyber-resilience strategy set up. At the same time, businesses see data as incredibly important, and consider it ‘the single greatest loss following an email-based impersonation attack’.

Of those that do have a cyber-resilience strategy set up, roughly a third (37 per cent) have archiving and e-discovery included.

Vanson Bourne’s report says emails security and compliance best practices need to start from the top, down to ‘every single employee’. Training is considered ‘critical’. Yet, slightly more than half (57 per cent) of UK employees say their company offers training sessions.

“Email can be a powerful business tool. But if it isn’t considered as part of an organisation’s core security strategy, it can become a major vulnerability,” commented Marc French, Chief Trust Officer at Mimecast comments.

“Despite GDPR being in place, many businesses still do not realise the magnitude of personal information that can be hidden within email systems. With ever growing archives there is near certain chance businesses are holding on to sensitive personal data as defined by GDPR. With email the number one vector of choice for hackers looking to infiltrate corporate systems, this is a fundamental security flaw.”

Image Credit: Evannovostro / Shutterstock

Sead Fadilpašić
Sead Fadilpašić

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.