You are here

UK businesses at ‘high risk’ of cybercrime

Employees seen as the weak link in organisational cyber security

16 June 2014

Add comment

By Manju Manglani, Editor (@ManjuManglani)

UK businesses are more concerned about cybercrime than many of their international counterparts.

That's according to a global survey by Ernst & Young, which found that 74 per cent of UK businesses believe cybercrime is a high risk to their organisations, compared to 49 per cent globally.

The research also found that businesses perceive employees to be a greater concern (36 per cent) than organised criminals (26 per cent) when it comes to sources of cybercrime.

"The rest of the world is playing catch up with the UK in recognising cybercrime as a serious threat. High-profile cybercrime incidents and a number of government initiatives may have played an important role in ensuring high awareness of this issue amongst business leaders here in the UK," said John Smart, Head of EY's UK fraud investigation and dispute services practice.

"The conversation now needs to move onto how businesses respond to these dangers. Awareness is just the beginning and business leaders need to ensure robust incident response strategies are in place. When a data breach does occur, many companies fail to investigate how and why an attack has taken place, which can leave networks compromised and exposed as the full extent of the breach is never uncovered."

The UK government recently launched its cyber security assurance certification 'Cyber Essentials' as part of its efforts to improve businesses' preparedness against common cyber threats.

From 1 October 2014, the government will require all suppliers bidding for certain personal and sensitive information handling contracts to be Cyber Essentials certified.

The scheme is a key objective of the government's National Cyber Security Strategy and is being delivered as part of the government's £860m National Cyber Security Programme.

The government's Cyber Essentials scheme has the backing of insurers, which are offering incentives to businesses to become certified.

"We will incorporate Cyber Essentials into our risk assessment process for new cyber insurance policies, offering preferential rates to those prospective AIG clients who have obtained a Cyber Essentials Certificate as part of our commitment to superior cyber hygiene and overall cyber risk management," commented Jamie Bouloux, cyber liability underwriting manager at AIG.

Marsh, Swiss Re, the British Insurance Brokers' Association and the International Underwriting Association have also given their support to the government's cyber security scheme.

EY's 13th Global Fraud Survey received responses from 2,719 executives across 59 countries (of which 50 respondents were from the UK).




Categorised in:

Risk & Compliance Technology