The cyber security threat landscape is evolving at lightening speed. Attacks are becoming increasingly sophisticated, and businesses are finding it difficult to respond. Even large organisations, with significant budgets, are being targeted. Not only that, but breached. The number of high profile cases is rising by the month, highlighting an increasing joy being experienced by cyber criminals. This is illustrated by the fact that 2018 has seen 53% of company executives reporting to have paid a hacker’s ransom following an attack, in a desperate attempt to protect critical business files. It’s the first time that a majority has admitted to paying the ransom.
Failing to incorporate all risks
As mentioned, cyber criminals are becoming increasingly varied in their approach to attacking organisations. As a result of this, businesses must constantly be reviewing their defence systems. This may mean purchasing new technology, connecting devices to new software or embracing different ways of working. Unfortunately, for many business owners, they don’t have the money, or the time, to invest in such systems. Consequently, this is being neglected, leading to hackers taking full advantage.
Poor employee awareness
Employees are widely seen as the most obvious point of weakness in the defence chain of a business. It comes as no surprise, therefore, that many attacks are aimed at those who may not have a sufficient understanding of cyber security guidelines. This often comes in the form of phishing emails, where employees allow access to critical business systems by opening or following the link in an email. Such breaches are widely reported, meaning more must be done to improve the security awareness of employees.
Lack of spending
Budgets must be closely followed by any organisation, and how much of that budget is designated to security is often pinpointed as the most significant barrier to defence enhancement. In fact, the 2017/18 Global Information Security Survey (GISS) found that 70% of businesses claimed that they required 25% more security spend than they were currently getting. However, only 12% of respondents expected to receive an increase of more than 25%. This highlights the current shortcomings, and why so many businesses are losing the security battle.
This has to change, and fast.