.jpg?width=300&name=iStock-1182226451%20(3).jpg)
New insights into the cybersecurity readiness of U.K. organizations shows cyberattacks are plentiful and costly, and there aren’t enough cybersecurity pros to help.
I just finished writing about how the U.K. is seeing a massive surge in the number of new cybersecurity firms and the massive shortfall of cybersecurity professionals to fill open jobs. The data from global recruiter Robert Walters and recruitment data provider VacancySoft also highlights just how bad the state of cyberattacks are in the U.K. today.
According to the report, cybercriminals are working at a furious pace and are making substantial profits:
- There are 65K attempted cyberattacks on UK Small to Medium Sized Businesses (SMB's) each day
- The average cost of a data breach in the UK is £2.48m
Part of the problem appears to be both the shift to working remotely, as 48% of executives state that their existing cybersecurity policies are currently not suitable for maintaining a 100% remote working model. In addition, the bigger problem goes back to the issue of filling those cybersecurity job vacancies – according to the report, only 28% of companies have sufficient cybersecurity staffing in the UK.
So, what’s a UK organization to do? You’re constantly under attack, your current strategies aren’t enough to secure remote workers, and you don’t have enough expert staff to make anything better!
The answer lies in looking at what you need to protect against; according to the report, ransomware was the #1 driver for cybersecurity initiatives, with phishing as the #2 driver. These two threats can be best addressed by looking at the common factor that does not require a cybersecurity professional to fix – the user. Users are the one part of a phishing attack that are necessary – in the form of engaging with malicious email and web content – to help an attack succeed.
By implementing Security Awareness Training, your organization can improve its state of security by educating users on the need to be vigilant and security-minded while doing their job (whether in the office or working remotely), and on the common tactics and methods used to trick them into becoming the unwitting participant.
The attacks on UK organizations aren’t going to stop anytime soon, but you can do something about it – even while short-staffed.
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!
