MANY businesses could be at risk of a cyber attack because they have little or no preventative security measures in place, a Hampshire company has warned.
The Cyber Security Breaches Survey commissioned by the government found only 23 per cent of businesses have a formal security strategy in place to combat cyber attacks such as phishing, malware or a ransom attack.
The survey also found 39 per cent of UK businesses had identified a cyber attack in the past 12 months.
Hannah Wallis of Hantec Systems in Southampton said firms which have no preventative measures in place are exposing themselves to cyber attackers, particularly with many employees working from home or opting in to a “bring your own device to work” scheme.
“We are urging business leaders to implement security measures into their business. A cyber attack can have detrimental consequences for businesses, particularly small to medium sized firms. It can also be very scary for the employees involved,” she said.
“The Cyber Security Breaches Survey 2022 highlighted that not enough businesses are protecting themselves, and as compliance consultants we feel it is our duty to make people aware of the risks of cyber attacks.
“Many people and business owners think they will see a cyber attack coming and know the signs to look out for. But without a formal cyber security strategy in place a business could be increasing its risk of an attack.
“Research found that only eigth per cent of businesses have a Cyber Essentials certification which is critical to reducing the risk of an attack."
Cyber Essentials is a UK certification which ensures an organisation has the minimum level of protection in cyber security. A company is certificated through annual assessments.
The Cyber Security Breaches Survey authors reported: “Our survey results show that in the last 12 months, 39 per cent of UK businesses identified a cyber attack, remaining consistent with previous years of the survey. However, we also find that enhanced cyber security leads to higher identification of attacks, suggesting that less cyber mature organisations in this space may be underreporting.”
The report added: “Of the 39 per cent of UK businesses who identified an attack, the most common threat vector was phishing attempts (83 per cent).”
Around one in five attacks identified were of a more sophisticated kind, such as denial of service, malware or ransomware.
Fifty-six per cent of businesses had a policy not to pay ransoms to cyber attackers.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here