With cyberattacks occurring at such a regular frequency, UK organizations are desiring for the government to provide guidance and support on how to prepare for and address attacks.
Despite the UK government’s National Cyber Security Centre releasing its Annual Review just two months ago providing details on the latest threats and best practices to counter threats, according to recent survey data from RedSeal, nearly one-third of UK organizations feel the government does not offer businesses enough guidance or support on cybersecurity.
This comes at a time when nearly one-fifth of UK organizations have no plan in place to deal with a cyberattack. This lack of preparedness has costs UK businesses dearly. According to ReadSeal, of those organizations experiencing an attack in the last 12 months:
- Two-thirds (67%) stated the attack had resulted in a financial loss
- Over one-third (37%) experienced a loss of customers
- Nearly half (43%) suffered damage to their reputation
The UK government’s Cyber Essentials does provide both guidance and certification around cyber security, but does require review by accredited bodies (at a cost to the organization), which may deter some companies from participating.
With so much at risk, UK organizations should – at a minimum – focus on creating a layered security strategy that protects against prevalent threat vectors. Solutions should include:
- OS, application, and browser patching
- Endpoint protection / Antivirus
- Email / Web Gateways
- DNS Protection
- Security Awareness Training
- Privileged Account Management