Data Driven Futures

Third of firms ‘more vulnerable’ to cyber attack

Written by Hannah McGrath
07/11/2019

Over a third (36 per cent) of companies feel more vulnerable to cyber security threats than they did five years ago, according to a new survey of IT professionals.

A YouGov survey of 506 IT professionals for Alsid, a cyber security software provider, found that there is a gap between perception of cyber risk and actual preparedness.

A combined 72 per cent of respondents said they felt ‘fairly well’ (44 per cent) or ‘very well’ (27 per cent) prepared against enterprise grade ransomware attacks, despite the rising threat of cyber breach from malicious actors.

When asked about preparedness for certain types of attacks, nearly a third (29 per cent) of respondents admitted to being ‘not very well’ (22 per cent) or ‘not at all well’ (seven per cent) prepared for insider threats – an attack perpetrated by someone within the organisation.

This makes insider threats the highest-ranking threat in the category. In second place, 18 per cent said their employer was ‘not very well’ (13 per cent) or ‘not at all well’ (five per cent) prepared for an attempted targeted data theft.

A further 14 per cent of respondents said they were not prepared for Denial of Service (DDoS attacks) and attacks which exploit third party suppliers’ access ranked fourth, with 13 per cent stating a lack of preparedness.

Questioned about their own roles, 42 per cent of the professionals asked said they felt that their job had become more complicated in the last two years, but only 15 per cent feel more empowered to make decisions today compared to the past.

A total of 81 per cent of respondents stated that preventing hackers from accessing the first computer within an organisation’s network was ‘very important’, with 15 per cent agreeing it was ‘fairly important’, while 80 per cent agreed that responding quickly after the attack succeeded in gaining entry was ‘very important’ and 16 per cent said it was ‘fairly important’.

Jérôme Robert, chief marketing officer of Alsid, commented: “The enhanced profile of cyber threats and attacks is driving changes at the heart of IT and security functions within businesses, and I don’t think anyone can say now that security isn’t taken seriously at a senior level within companies.

“So the good news is that we’ve come a long way already, but you only need to look at the news to see that there are still gaps in security which lead to things like massively expensive ransomware incidents.”