Only half of businesses can properly defend against cyberattacks

(Image credit: Image source: Shutterstock/alexskopje)

There is a ‘visible gap’ between security measures EU businesses say they take, and the ones they actually do take, according to a new survey by security experts Kaspersky Lab.

More than four in five (83 per cent) of IT decision makers across six EU countries say they take precautionary measures to keep themselves secure. However, four in ten (41 per cent) train all of their employees, and roughly half (53 per cent) believe they have robust cybersecurity policies set up.

The report also says that IT decision makers make it hard to properly estimate the damages caused by a cyberattack. The biggest reason for it is the fact that a data breach or any other type of security incident hurts the company’s reputation, which can’t easily be translated into tangible financial losses.

Another key takeaway from the report is that the majority of respondents said they would love to know who was behind the attack. This is closely related with the fact that many respondents believe hackers rarely get brought to justice.

The report also has a ‘positive’ aspect, which says that almost a third of businesses in the EU use threat intelligence reports, which suggests that IT teams can use high-quality threat intel to prepare the best way to respond to an incident.

“Awareness regarding cyberthreats is a very basic step for organisations, as a key foundation for staying protected from cyberthreats,” commented David Emm, principal security researcher at Kaspersky Lab. 

“Our research has found that European organisations acknowledge cyber risks, but it is concerning that only one-in-10 European organisations still do not take any effective preventative measures against cyberattacks, possibly hoping that ‘maybe it won’t happen to us.”

“However, it has been proven time and time again, preventative measures and proper defence are far more affordable than the impact of a disastrous attack that can even mean the end of a business. Although when a cyberattack occurs  businesses would like to know who’s behind it. Unfortunately attribution is fraught with difficulties, so it’s therefore much more productive to invest in measures to reduce the risk of attack and mitigate any attack that does occur”.

Image source: Shutterstock/alexskopje