British mid-market companies oblivious to cyber risk2 min read

16/Jul/2019

A new report has found that mid-size companies in the UK are failing to grasp the scale of cyber risk. Indeed, the majority – 63% of those surveyed – do not have a board member responsible for cyber security.

Prepared by Grant Thornton, the accountants, the survey – titled: “Cyber Security – the Board Report” – found that, in the last 12 months, the total cost of cyber security breaches to UK mid-market businesses reached at least £30bn. Despite this, in the last 12 months, only one in three (36%) companies have provided all of their employees with cyber security training. And over half of those surveyed (59%) do not have a cyber incident response plan in place.

More than half (53%) of the companies surveyed reported losses equivalent to 3-10% of revenue following a cyber-breach. For those businesses hit hardest, losses can reach up to 25% of revenue. Six per cent of the businesses surveyed reported a loss of this size (11 to 25% of revenue).

Almost 70% of the respondents felt confident in their ability to respond consistently at any time to a cyber-attack across their entire organisation. Conversely, over half of the businesses surveyed do not have a cyber incident response plan in place (59%).

The importance of having a well-rehearsed plan of action cannot be underestimated. “The research found that companies that have an incident response plan in place experience lower financial losses from a cyber-attack than those that don’t,” said Grant Thornton.

Be prepared!

The report identifies six key areas that mid-market boards should be focusing on to ensure that they are properly prepared. They include establishing a cyber incident response plan, regularly rehearsing the response plan using a range of different scenario and monitoring and managing the risk posed from their supply chain

It also recommended ensuring that companies understand the terms of their insurance and what is covered. They should also understand what “normal” looks like for their business, in terms of application usage, so that they can identify any unfamiliar patterns. The report recommended investing in regular training and raising awareness of cyber security among employees.

For more information, click on the link.

United Kingdom

contact@cynation.com

+44 020 3190 5000

PopHub Leicester Square
41 Whitcomb Street
London WC2H 7DT

The Netherlands

contact@cynation.com

Oude Udenseweg 29
5405 PD Uden
The Netherlands

Newsletter Signup

%d bloggers like this: