UK firms investing in the latest cyber security products and services risk their investments being undermined by poor security practices, a survey reveals. They risk becoming victim to data breaches by failing to take the most basic of cyber security precautions.
More than four in 10 of 1,253 UK workers polled by IT services firm Probrand said their company had invested in new cyber security products and services in the past year.
However, 67% said they have a basic password that could easily be guessed or hacked, and 63% admitted that they do not change their password regularly. Almost half said that they have not changed their password since they began working at their company.
The data also revealed that more than 1 in 3 (37%) of UK workers report using insecure network connections such as public Wi-Fi or tethering to mobile phones when working remotely.
According to other research by Probrand, 43% of UK businesses polled have suffered a cyber breach or attack in the past 12 months.
The human factor
A report published by endpoint management and security firm 1E in May showed that many organisations lack IT security and operations basics, including visibility across their IT operations.
The report said that UK and US businesses are still leaving their doors wide open to cyber attacks, despite significant security investments and focus.
Speaking at InfoSecurity Europe 2019 in London in June, National Cyber Security Centre (NCSC) CEO Ciaran Martin said: “The biggest threat to online safety is poor cyber security.
“We have learned from analysing 1,600 national-level incidents that these attacks are often relatively simple, using low-level techniques and well-known malware that exploits weaknesses in out-of-date software.
“Typically, these attacks are not particularly advanced, persistent or threatening, so what we have learned is that the biggest threat to cyber security is weak cyber security and that is what needs the most attention.”
Find out more via the link (subscription may be required).