UK organisations double cyber security spend but aren’t seeing the return

UK organisations doubled their information security budgets last year, spending £6.2m on average (2015: £3m), and over one and a half times more than their global counterparts (average spend £3.9m).
Despite this, nearly a fifth (18%) don’t know how many cyber-attacks they experienced last year and 17% of all respondents don’t know the likely source of security incidents.Government Opportunities

In the week the new National Cyber Security Centre opened in the UK, PwC has published the findings of its latest annual Global State of Information Security Survey 2017, produced in conjunction with CIO and CSO, based on interviews with over 10,000 executives from more than 133 countries, including 479 UK respondents.

With security incidents now costing an organisation an average of £2.6m (up from £1.7m last year, an increase of 53%), executives around the world are waking up to the fact that they can no longer afford to take a passive approach to protecting their assets, leading to the increase in budgets.

Boards in the UK aren’t getting as involved as other markets either in setting the security budget, or more importantly the strategy. Only a third of UK companies (33%) have the board involved in setting security budgets compared to the 39% global average, and even fewer (28%) partake in the strategy (42.5% globally).

Not only have the average number of security incidents UK companies faces increased by 23% in the last year to 5,792, but the threat landscape is also changing. The top insider risk and source of incidents for UK organisations continues to be current employees, with former employees a close second, but current service providers, consultants or contractors are increasingly likely to be the cause of cyber threat to a business now too.

It’s also clear that phishing still works to target these groups, with the majority of cyber security breaches reportedly caused by phishing incidents (37%).

Security incidents are now costing organisations more and 79% of UK companies have suffered down-time because of them. Despite this, this year’s study showed a decrease in the number of UK companies who are investing in cyber insurance. In the previous study, 59% had a cyber insurance policy, but in the last year this has decreased to only 38% of respondents reporting to have one (and 10% of these don’t even know what it covers), compared to 53% globally.

UK organisations are also more likely than the rest of the world to keep their cards close to their chest and not share security knowledge with others. Only 40% collaborate with others to reduce future risks, compared to over half across Europe (52%) and globally (55%).

Richard Horne, UK cyber security partner at PwC said:

“We’re beginning to see a shift in thinking. Organisations have come to realise that they can’t view cyber security as just a cost or barrier to change given the many high profile incidents we’ve seen recently.
Getting security right is not only essential to the day-to-day running of a business, but can even be a competitive advantage, help to drive business growth and build brand trust.

Cyber security is far more than just building security controls – it’s about changing your organisation to be securable.

That requires all aspects of a business to be engaged, to make tough decisions at board level, and embed consideration of cyber security risk in all decision-making processes.

It’s not just about having more budget to buy more technology to patch cyber security holes. UK organisations need to take a more strategic approach to how they spend their increased budgets to start to see a real uptick in security posture.

Instilling a cyber-aware culture in an organisation, and controlling who has access to what information, continues to be of utmost importance. Even with the best technology available on the market, employees can still be your weakest link.

But when trying to assess your ‘insider’ risk, it’s important to look not only at your internal data, people and processes, but also at the third party relationships closely connected to your business – that is where the threat increasingly lies.

UK companies remain wary about sharing security knowledge, but working with partners within a particular industry can significantly improve threat intelligence awareness and an organisation’s ability to spot potential incidents before they escalate.

The organisations that get their approach to cyber security right are the ones that will prosper, build trusted brands and sustained value.”

Share This Post

More To Explore
Blogs

Spotlight on…Fraser Haddow

This month’s spotlight turns to our IT operations and development department with Fraser Haddow.  In what capacity did you join BiP? What role did you start in and what role do you have now? I joined BiP in the role of Scrum Master, but have recently transitioned to Platform Success Manager. Whattakes up the most amount of your time in your day-to-day?  Azure DevOps! It’s the platform that allows us to track progress on our product development and keep track of any issues, so it’s use forms a large part of the role. What do you like most about your job?  I like seeing a product improvement travel through all the stages from idea to implementation and then deployment, overseeing the journey to completion provides a great sense of satisfaction. What do you like most about working at BiP?  I like interacting with lots of people that span multiple departments and roles, this keeps things interesting, and it always helps to see things from other people’s perspectives. What does a great day at work look like? It always starts with coffee – then a day with a few meetings (not too little or too many!) and some time to get some work done. Ideally, right now a good day also involves bugs being closed and no new ones being opened. Do you have any unusual hobbies? I’m a big movie nerd and am very into low budget/indie horror which is maybe unusual! Music wise, I also am very into death metal and New York hardcore which is a little unusual. Been anywhere strange? (country/place/bar/tourist attraction?!) The most fascinating place I’ve been is a city called Varanasi in India – would recommend to anyone, it’s super interesting. Blow your own! … what do you excel at? Work or leisure I like to think I’m quite good at guitar and drums. Work wise – I think I’m pretty good at being organised, but my colleagues can tell you if that’s true or not! Quick fire:  Coffee or tea – Coffee Book or film – Film Cat or dog – Dog (I have a Spanish greyhound) Hot or cold – Hot Salty or sweet – Salty Tattooed or not – Not Night out or night in – Night in  Email or meeting – Depends on how many other meetings are on! Teams calls: video call or audio? – Video Eating: al-desko, break room or break out altogether – Usually al-desko Mountain or beach – Beach

Vicky Maggiani 19th July 2023
Blogs

Spotlight on…David Stewart

This month’s spotlight falls on our BI Sales Division and David Stewart. A relatively new member of the team he has been at the company for just over a year, joining in May 2022 as a Business Development Manager for Tracker. Thanks for joining me, David. How are you enjoying life at BiP? I really like it, even though it’s taken a while to get to grips with B2B. I came from B2C, so I‘d never done business sales before, but the rewards are starting to come through. I managed to do 175% of my target last month and I’m on track for target this month – if everything goes to plan! What did you do before coming to BiP? I had a seven-year career at EE, starting as a part time sales advisor through to managing a couple of shops and being a sales manager for them. And what would you like to be in the future is there a dream job or a dream position? Aspirational goals? I’d love to get to director level at some point within a company. So be that Sales Director, Operations Director, that’s my goal What takes up the most of your day-to-day? Most of my day is genuine client interaction, customer interaction and reaching out to new prospects. Understanding what their challenges and struggles are to work with the public sector. And what sort of challenges do your customers have? what sort of challenges can you help solve for them? The challenges I’m hearing are that they don’t understand how to build the relationships with the public sector buyer before the tenders are published. They need to get in there as early as possible, to develop these relationships and we really are making a difference to their business because they’re not just running a tender, we’re helping them build a relationship for future business. It’s actually good to know you’re making a difference to somebody when you’re selling something. Do you prefer to be Working from Home or in the office? I like being in the office. I like having an atmosphere around me and the support network, your manager and your teammates. I’ve always thrived off a good atmosphere, so I prefer to be in the office than work from home. Are there any sort of changes or initiatives you’d like to implement into BiP? I ran a couple of charitable events at EE before, Charity 11 aside football matches and things like that. There’s a lot of buildings around, there’s the BBC, The Village hotel, big corporations, big businesses that I don’t see any reason why they wouldn’t want to get involved in charity stuff like this. It’d be great to implement something like that. What the biggest challenges you have in your role? Managing customer timelines and managing my own pipeline. That’s the hardest part of this job. Not knowing when something’s going to come in and when something’s pulled out from under you. My colleagues and my manager Chris help me regularly with this and are extremely supportive. What do you like most about your job? The interaction with people, I’m a big people person. I really enjoy speaking to people in different industries, different businesses and just learning more about what they’re doing for two reasons. It builds up my knowledge of the market in general and lets me understand what businesses are really struggling with. Speaking to people and making a difference is the thing that makes a big difference to me. Speaking to someone about the challenges they’re having, and if I can genuinely fix it for them, that’s what I like most. What do you like most about working at BiP? The culture is very good so far and very much gives back as well and looks after its employees. The support and the culture in the business to make sure everyone succeeds is incredible. What does a great day at work look like? A great day looks like this: seeing my name up in that sales board a few times on one day. As soon as a deal comes in, but also coming in to a reasonably filled diary. Do you have any unusual hobbies? I’m a very keen badminton player. I’ve been playing for years competitively. I had my own deejaying business for a couple of years as well. Quick fire. Coffee or tea – Coffee Book or film – film Cat or Dog – Dog, I have a dog. Hot or cold – I prefer being cold Salty or sweet – Sweet Tattooed or not – tattooed Night out or night in – Night out. E-mail or meeting – Meeting Teams call video or audio – Video, always video. Lunchtime: Al-desko, break room or break out altogether – Break out altogether, I like sitting in the breakout zones. Mountain or beach – Beach

Vicky Maggiani 23rd June 2023

Do You Want To Boost Your Business?

drop us a line and keep in touch

Contact Us