2 out of 3 UK enterprises suffered data breach last year

2 out of 3 UK enterprises suffered data breach last year

British Airways has confirmed that a recent IT glitch that affected over 75,000 travellers was caused by human error.

As many as 3 in every 5 UK businesses fear they will be victims of data breach in the coming year, notes SailPoint's 2017 Market Pulse Survey.

The survey also discovered that a third of all UK businesses won't even know they have been breached.

As many as 67%, or two out of three, of all British enterprises were breached last year. The situation is so grave that enterprises aren't wondering if they can be breached, but when they will be breached. At the same time, 33% of enterprises fear they won't even know that they have been breached.

Global businesses facing cyber-attacks thanks to unregulated insider access

SailPoint's 2017 Market Pulse Survey has revealed some grim data on the current status of cyber-security among UK businesses. The survey notes that 71% of enterprises aren't sure how to manage and protect unstructured data while only half of them have formal usage policy to prevent data breach.

This is despite the fact that the government is offering an ambitious and helpful 'Cyber Essentials' accreditation programme for enterprises which aims to help companies strengthen their IT systems, implement the latest cyber security practices and effectively handle and protect customer data. To ensure more companies join the programme, the government has mandated that those without accreditation will not be able to bid for government contracts.

Cyber crimes: the threat, the Government, GDPR and how it affects you

The SailPoint survey further notes that 86% of enterprises have poor visibility on their access to confidential corporate applications and data, while 60% are not completely aware of who can access what data across their network. At the same time, a similar percentage of enterprises are concerned with the threat posed by contract workers and 37% of enterprises suffer from poor employee password hygiene.

The SailPoint survey suggests that the threat to UK businesses from cyber-attacks is much worse than previously believed. Earlier, a survey of 1,200 companies by the British Chambers of Commerce (BCC) found that almost 1 in 5 have been victims of cyber attacks in the past year. Companies with over 100 employees were found to be more likely to be targeted than smaller ones. 42 percent of medium to large-sized companies were affected as compared to 18 percent of micro- small enterprises.

Ransomware attacks on the rise and universities under increased attack, finds Verizon Data Breach Investigations Report

As far as cyber hygiene of employees is concerned, there has been little improvement. A recent report from security firm Bomgar has revealed that as many as 69% of employees stay logged on to either their laptop or company accounts after work hours, 57% send work files to their personal e-mail accounts, 46% tell colleagues their passwords, 53% use unsecured Wi-Fi to access online data and in the UK, only 44% of companies have reviewed their policies on third party access in the last two years.

However, there is some light at the end of the tunnel. The SailPoint survey notes that 87% of enterprises agree that it is important to have strong identity governance controls in place across their organization’s entire IT infrastructure. Around 55% of enterprises have also confirmed that they will invest the maximum in identity governance in the next year.

Copyright Lyonsdown Limited 2021

Top Articles

It’s time to upgrade the supply chain attack rule book

How can infosec professionals critically reassess how they detect and quickly prevent inevitable supply chain attacks?

Driving eCommerce growth across Africa

Fraud prevention company Forter has partnered with payments technology provider Flutterwave to drive eCommerce growth across Africa and beyond.

Over 500,000 Huawei phones found infected with Joker malware

The Joker malware infiltrated over 500,000 Huawei phones via ten apps using which the malware communicates with a command and control server.

Related Articles