IT and technology companies in the UK have experienced an average of 44 cyberattacks in the last 12 months – roughly one every 8 days – according to new research by Keeper Security. The company’s 2021 Cybersecurity Census Report has revealed that the large majority of IT decision makers (79%) within IT and tech companies in the UK expect the number of attacks to increase next year amidst concerns that they are missing the right skills and solutions to adequately protect themselves against these attacks.
Overall, almost all (95%) IT and tech companies are aware of where the gaps in their current cybersecurity defences are but, worryingly, only 40% are addressing them, leaving organisations vulnerable to future attacks. The acute cybersecurity skills shortage in the UK is one of the contributing factors to this, with 59% of IT decision makers stating that it is impacting the cybersecurity efforts in their organisation.
Leaders in the IT and tech space believe the skills gap doesn’t just apply to their direct teams but runs deep within organisations. Over half (60%) state that employees don’t understand the cybersecurity implications of poor password hygiene. Many IT decision makers (69%) therefore urge their companies to do more to educate employees on cybersecurity best practices while three in four (73%) are in favour of mandating basic cybersecurity training before new starters join a business.
“The UK’s IT and tech industry is a stalwart for innovation but when it comes to cybersecurity the sector still has some catching up to do,” says Darren Guccione, CEO & Co-Founder of Keeper Security. “Our research has found that cybercriminals are really turning up the heat and will continue to target IT and tech companies in the years to come. To counter this, it is essential that organisations address both the current skills gap and implement stringent IT policies that include a zero-trust and zero-knowledge approach to cybersecurity. With the best cyber defence solutions in place, IT and tech companies will be able to weather the cybersecurity storm they continue to face.”
IT decision makers themselves believe that, in addition to the right skills and solutions, three key initiatives would help fortify an organisation’s cyber defences. Firstly, two-thirds (72%) are calling for a member of the board to be dedicated specifically to the cyber-welfare of the business. Secondly, a large majority (88%) believes that more external oversight and accountability in the form of an independent body – an ‘Ofcom for cybersecurity’ – would be an effective way to reduce cyberattacks in the UK. And, finally, almost all IT decision makers (92%) are in favour of legislative change that would require businesses to have basic cybersecurity protection in place before being allowed to operate.