After the wealth of high profile cyber attacks that have hit the headlines in recent years, it’s no surprise that in the latest Cyber Security Breaches Survey 2017 three-quarters of UK businesses indicated that cyber security is now a high priority for senior management.
However, while awareness has heightened, two in five businesses report not having sought any advice, guidance or information on the cyber threats that their organisations are facing over the past year.
Undeniably, the greatest challenge can be just knowing where to look. Of those organisations that sought information, a third (32%) of companies turned to external security or IT consultants, while 10% used online searches.
One of the greatest information sources, however, appears to be massively overlooked by the majority of British businesses. The survey revealed that just four per cent of companies have used Government or other public sector resources over the past year. Given that three-quarters of those who used their materials found them useful, there is a clear lack of awareness around the guidance the Government can offer.
Open door policy
To date, the uptake of Government resources has been disappointingly low. However, to remediate this and encourage more organisations to see guidance on cyber security, the Government is actively promoting its new open approach to cyber.
The launch of the National Cyber Security Centre (NCSC) is the flagship of this new campaign. Its open door policy actively encourages organisations to engage with its expertise and resources, as well as promoting its active defences activity that works to improve the nation’s cyber hygiene.
But following the important investment in this new centre, coupled with the poor uptake of Government and public sector cyber resources, it is clear that greater promotion is needed encourage more organisations to tap into its resources.
What’s on offer
The Government offers a number of resources that organisations of all sizes and cyber maturity can benefit from.
For organisations taking their first steps in basic cyber hygiene measures, the cyber essentials scheme provides information on putting the fundamentals in place. A basic level of cyber security has been shown to prevent up to 80% of attacks, massively reducing an organisation’s risk.
The cyber essentials scheme is a must for organisations that want to get the basics right and ensure that security solutions and budget are used most effectively.
To keep up to date on the ongoing cyber threats and high risk vulnerabilities, businesses off all sizes should sign up for the alerts and advisories that the NCSC circulate.
The recent WannaCry ransomware is a clear example of where these advisories are a valuable resource. While the mass media did a great job of highlighting the ransomware attack, the NCSC was able to offer details of where organisations could find practical guidance for how to prevent ransomware infections and what to do if infected.
Finally, organisations should ensure its security and IT employees are tapping into the Cyber Security Information Sharing Partnership (CiSP). A joint industry and government initiative, CiSP provides a platform on which members can exchange cyber threat information in a confidential and secure environment in real time.
Similar to the NCSC alerts, this ensures that subscribed security professionals are kept up to date on the current threats that other organisations are facing. This helps teams ensure they have the necessary defences in place to prevent such an attack.
At McAfee, we believe that we’re better working together. When combining our resources, information and guidance, we give ourselves the best chance of defending against this evolving threat.
But organisations must seek out this information. Two fifths of organisations are leaving themselves vulnerable against new and evolving threats, when a wealth of information is readily available.
Organisations of all sizes should be tapping into government resources for up to date information that will help them better defend against the evolving threat landscape. And it’s essential that greater awareness of the potential of these resources is raised to drive more companies to seek out informed, impartial advice on cyber security.
Sourced by Gordon Morrison, Director of Government Relations at McAfee
The UK’s largest conference for tech leadership, TechLeaders Summit, returns on 14 September with 40+ top execs signed up to speak about the challenges and opportunities surrounding the most disruptive innovations facing the enterprise today. Secure your place at this prestigious summit by registering here