A leading security platform has warned that despite 60% of UK workers saying they have been victim to a cyber-attack, the level of awareness still leaves companies vulnerable to further incidents.
Armis has today released the findings of a nationwide study of 2,000 UK employees that analysed their thoughts on the country’s cyber resilience and their own attitudes to security.
The results found there is an acute and dangerous lack of awareness towards cybersecurity in the UK. Despite 60% admitting to having been impacted by a cyber-attack, the study found a general lack of awareness towards cybersecurity, revealing that only 27% are aware of the associated risks, while 1 in 10 (11%) admitted to not worrying about them at all and the same amount confessing that cybersecurity is someone else’s problem.
The pandemic saw a spike in cyberattacks on both organisations and individual people, with ransomware attacks alone doubling over the course of the past year. The survey also revealed that 27% of workers had experienced a phishing attack on themselves or their organisations, while 23% suffered a data breach and 20% experienced malware. Insufficient cyber resilience puts UK organisations and individuals at a high risk of falling victim to cyber criminals and suffering immense damage when it comes to business operations and reputation. With the increase in threats, the public are relying more on the government to provide support, resulting in 40% believing that a minister for cybersecurity should be instated to focus more on the issue.
Andy Norton, chief cyber risk officer at Armis commented: “It’s alarming to think that so many individuals will pay extra to invest in home, car or phone security yet will refuse to protect their online identities. With remote working and so much of ourselves being stored online, individuals risk being targeted in a variety of frauds and attacks. To make matters worse, with only 1 in 5 people paying for online security, organisations are put at risk of breach as attackers can use individual devices and accounts to gain access to corporate networks.”
“It’s clear that cybersecurity awareness and training must be made a priority within the UK government,” said Conor Coughlan, CAO and General Manager for EMEA at Armis. “This is an issue that must be addressed from the top down. Moving forward, more emphasis should be placed on security awareness training as well as technology controls that give organisations a full picture of risk exposure. Organisations need to understand the importance of investing in the right security to protect themselves and their customers and to avoid experiencing any downtime.”
The study found the top three future concerns for business and staff economic recession (54%), another pandemic (50%) and climate change (48%).
A large-scale cyber-attack on the UK’s critical infrastructure came in fourth at 21% the same percentage of the UK workforce which thinks Britain going to war is as much of a worry as the country facing a large-scale cyberattack on its critical infrastructure
However, 46% said the UK is more capable to deal with a cyberattack since leaving the EU, 34% said less capable, and 1 in 5 did not know
In total 20% of the workforce believe Russian-backed cybercriminals are the biggest threat to the UK’s cybersecurity, followed by financially motivated cybercriminals (17%) and Chinese-backed cybercriminals (16%).