31 October 2017

With yet another survey exposing a worrying level of ignorance about cyber security, a leading consultancy has called for organisations to re-assess their approach to the issue.

According to the "Global State of Information Security Survey 2018" from PricewaterhouseCoopers (PwC), 17% of organisations do not prepare or drill for cyber attacks, while only 49% examine their defences by conducting penetration tests.

In addition, 28% of UK organisations confessed that they do not know how many cyber attacks they suffered in the past year, with 33% admitting that they do not know how the incidents they faced occurred.

Cyber attacks can happen to any organisation at any time, Richard Horne of PwC warned. It is therefore important that all businesses and public sector organisations are getting the basics right, he added, and that they continually test their approach to prepare themselves in the right way.

"Cyber security needs to be viewed as a ‘team sport’ rather than just an issue for the IT team," Mr Horne advises.

To be most effective, everyone in an organisation should be considering the security implications of their actions, he explained. Working with others across the public and private sector is also key, as forging close working collaborations and sharing intelligence is often the best way to tackle the latest threats.

However, the survey revealed that UK organisations are more reluctant than their global peers to join forces with others in the fight to reduce cyber risk. Of the 560 UK respondents, only 44% said they formally collaborate with others in their industry to improve security and reduce the potential for future risks, compared with 54% across Europe and 58% globally.

Further details of the "Global State of Information Security Survey 2018" can be found at https://pwc.to/2y0knqS.