Cyberattacks in the UK are becoming more frequent, sophisticated, and destructive while businesses are underprepared to counter them, according to Keeper Security’s 2021 UK Cybersecurity Census Report.
To compile the report, Keeper partnered with Sapio Research to interview 1,000 senior IT decision-makers across the UK. Here are 5 key findings from our study.
1. Cyberattacks against UK businesses are increasing in frequency, intensity — and cost.
Nearly all respondents to Keeper’s survey (92%) experienced a cyberattack in the last 12 months, and over two-thirds (72%) were successfully breached at least once. Of those organisations that experienced monetary theft as a direct result of a breach, 41% lost over £50,000, and 8% lost over £1 million.
2. UK businesses aren’t investing sufficient resources to fend off attacks.
Nearly all UK organisations (92%) are aware of where the gaps or weak links in their cybersecurity defences are, but fewer than half (40%) are actively addressing all of them. One reason is insufficient budgeting; IT and cybersecurity investments aren’t a top priority for many UK businesses. Over one-quarter (28%) of respondents don’t consider IT to be one of their top 3 priorities for the next 12 months, and only 44% say it is their top priority.
Download the 2021 UK Cybersecurity Census Report
3. IT leaders in the UK are feeling the pressure to do more with less.
Nearly half (47%) of respondents say that their top concern is cyberattacks becoming increasingly sophisticated, 27% say that the frequency of attacks is their biggest worry, and 78% feel that their organisations are not prepared to deal with the barrage of cyberattacks they are exposed to every single day.
Many respondents feel that their head is the one that will roll if something does go wrong, with 31% saying that CTOs will bear the lion’s share of the blame in the case of a successful cyberattack.
IT leaders’ lack of resources is breeding severely negative behavior, with 36% of respondents admitting to having kept a cyberattack to themselves.
4. The pandemic forced many businesses to sacrifice security for the sake of business continuity.
The pandemic dramatically impacted nearly every UK business, forcing many to shift to remote work practically overnight. IT departments were challenged to manage the technical aspects of that migration while simultaneously ensuring that their organisations were adequately protected against cyberattacks.
In many cases, that balancing act toppled. Two-thirds (66%) of UK organisations relaxed their cybersecurity policies over the past 12 months so staff could work remotely or in order not to stifle productivity, and 22% have yet to update their cybersecurity policies to reflect the brave new world of remote work.
5. Nearly all IT leaders in the UK want more government involvement in cybersecurity.
Almost all (91%) IT leaders in the UK think that businesses should be legally required to have basic cybersecurity protections in place before being allowed to operate and trade, while 82% believe that new employees should be required to complete a basic level of cybersecurity training before they start a role at a company.
Further, 87% think that the creation of a regulatory body – an ‘Ofcom for cybersecurity’ – would be an effective way to hold businesses accountable and reduce cyberattacks in the UK.
Dive Deeper by Reading the Full Keeper 2021 UK Cybersecurity Census Report.
Go deeper into our findings by downloading the full Keeper Security 2021 UK Cybersecurity Census Report.
Keeper’s zero-knowledge, enterprise-grade password security and encryption platform gives IT administrators complete visibility into employee password practices, enabling them to monitor adoption of password requirements and enforce password security policies organization-wide, including strong, unique passwords and multi-factor authentication. Keeper takes only minutes to deploy, requires minimal ongoing management, and scales to meet the needs of any size organization.