As many as 3 in every 5 UK businesses fear they will be victims of data breach in the coming year, notes SailPoint's 2017 Market Pulse Survey.
The survey also discovered that a third of all UK businesses won't even know they have been breached.
As many as 67%, or two out of three, of all British enterprises were breached last year. The situation is so grave that enterprises aren't wondering if they can be breached, but when they will be breached. At the same time, 33% of enterprises fear they won't even know that they have been breached.
Global businesses facing cyber-attacks thanks to unregulated insider access
SailPoint's 2017 Market Pulse Survey has revealed some grim data on the current status of cyber-security among UK businesses. The survey notes that 71% of enterprises aren't sure how to manage and protect unstructured data while only half of them have formal usage policy to prevent data breach.
This is despite the fact that the government is offering an ambitious and helpful 'Cyber Essentials' accreditation programme for enterprises which aims to help companies strengthen their IT systems, implement the latest cyber security practices and effectively handle and protect customer data. To ensure more companies join the programme, the government has mandated that those without accreditation will not be able to bid for government contracts.
Cyber crimes: the threat, the Government, GDPR and how it affects you
The SailPoint survey further notes that 86% of enterprises have poor visibility on their access to confidential corporate applications and data, while 60% are not completely aware of who can access what data across their network. At the same time, a similar percentage of enterprises are concerned with the threat posed by contract workers and 37% of enterprises suffer from poor employee password hygiene.
The SailPoint survey suggests that the threat to UK businesses from cyber-attacks is much worse than previously believed. Earlier, a survey of 1,200 companies by the British Chambers of Commerce (BCC) found that almost 1 in 5 have been victims of cyber attacks in the past year. Companies with over 100 employees were found to be more likely to be targeted than smaller ones. 42 percent of medium to large-sized companies were affected as compared to 18 percent of micro- small enterprises.
Ransomware attacks on the rise and universities under increased attack, finds Verizon Data Breach Investigations Report
As far as cyber hygiene of employees is concerned, there has been little improvement. A recent report from security firm Bomgar has revealed that as many as 69% of employees stay logged on to either their laptop or company accounts after work hours, 57% send work files to their personal e-mail accounts, 46% tell colleagues their passwords, 53% use unsecured Wi-Fi to access online data and in the UK, only 44% of companies have reviewed their policies on third party access in the last two years.
However, there is some light at the end of the tunnel. The SailPoint survey notes that 87% of enterprises agree that it is important to have strong identity governance controls in place across their organization’s entire IT infrastructure. Around 55% of enterprises have also confirmed that they will invest the maximum in identity governance in the next year.