New research from Malwarebytes has revealed that 97 per cent of UK companies were impacted by security incidents in the last year.
The firm's new “White Hat, Black Hat and the Emergence of the Grey Hat; The True Costs of Cybercrime” report explored IT security costs from budget and remediation, to hiring, recruiting, retention and the rise of Grey Hat activity by surveying 900 security professionals across the US, UK, Germany Australia and Singapore.
Malwarebytes research found that UK-based organisations had the highest rate of attack during the past 12 months with 97.1 per cent of the organisations surveyed admitting that they had fallen victim to a significant security threat which is well above the global average of 72.6 per cent.
Organisations in the UK also have the lowest security budgets of the five nations surveyed and the average budget for a 2,500-employee organisation was just under £200,000 in 2017. This is expected to grow to £220,000 in 2018 but this increase of just 10 per cent makes the region one of the lowest growth rates for security budgets.
The report also found that salaries for security professionals in the UK are low with the average starting salary for an entry-level security professional to be the lowest among the five nations surveyed.
Grey Hats, who work both as cybercriminals and security professionals, are the most common in the UK and nearly half of UK security professionals (46.3%) say its easy to become involved in cybercrime without getting caught.
Malwarebytes CEO, Marcin Kleczynski offered further insight on the report's findings, saying:
“The current skills shortage combined with a steady stream of attacks against antiquated endpoint protection methods continues to drive up costs for today’s businesses, with a seemingly larger hit to security departments of mid-market enterprises. On top of this, we are seeing more instances of the malicious insider causing damage to company productivity, revenue, IP and reputation. We need to up-level the need for proper security financing to the executive and board level. This also means updating endpoint security solutions and hiring and rewarding the best and brightest security professionals who manage endpoint protection, detection and remediation solutions.”
Image Credit: Everything Possible / Shutterstock