Britain’s businesses are increasingly aware of the threat of cyber attacks, but often do not know how to combat digital crimes or how to report attacks.
A total of 94pc of firms believe IT security is important, but only 56pc have a strategy in place to deal with it, according to a study from the Institute of Directors and Barclays. Although attacks are increasingly common, 40pc of the nearly 1,000 companies surveyed said that if they were a victim of online fraud they would not know which law enforcement to inform.
Tesco Bank fell victim to hackers last year and had to pay millions of pounds to refund customers whose accounts were raided. Lincolnshire County Council’s computer system was closed down by hackers demanding a ransom from the local authority in another high-profile attack, while telecoms company TalkTalk was fined £400,000 for failing to keep customer data safe, following a hack which stole information on more than 100,000 customers.
The IoD said companies should put formal training systems in place for their staff, as 44pc of companies do not have any cyber security awareness schemes currently. Directors should also be trained more thoroughly, the group proposed, and businesses should run more simulations to see how they would cope with any cyber attack.
“This report has revealed that business leaders are still putting cyber security on the back burner. The results, even for small and medium-sized businesses, could be catastrophic,” said the IoD’s director general Stephen Martin.
“With threats evolving all the time, and demanding new regulations just around the corner, we cannot afford another year of complacency from business. Now is the time for firms to test their defences and make sure all of their employees, including management, have the right skills and knowledge on cyber security. This isn’t an IT issue, it’s a business survival issue.”
Meanwhile cyber security firm Vauban Group is launching a $100m fund to buy and grow firms in the sector in the UK and Qatar.
Author – Tim Wallace