Why are fewer businesses, organisations taking cybersecurity seriously?

*A recent cybersecurity report published in the United Kingdom indicated that fewer businesses are using security monitoring tools than 2020, with a particularly sharp drop-off in organisations’ using any kind of monitoring at all

Gbenga Kayode | ConsumerConnect

There has been a strong sense that the COVID-19 pandemic has worsened the cyber risks faced by businesses and organiations in diverse economies in the world.

A combination of rapid digital transformation of operations and the willingness of attackers to exploit the uncertainty this creates has made for a fertile environment for cybercrime to flourish, CyberNews report said.

Referencing a recent report from the UK Government’s Department for Digital, Culture, Media, and Sport that highlights the scale of the problem, report noted that research revealed that nearly 40% of companies and over 25% of charities have suffered from some form of cyberattack in the last year.

A cybercriminal

This number grows among larger organisations, with 65% of medium-sized businesses suffering an attack, 64% of large businesses, and 51% of high-income charities.

It stated: “News that two in five UK firms suffered a cyberattack in 2020 is a cruel reminder that hackers will not lay low during a crisis, says Chris Harris, Europe, the Middle East and Africa (EMEA) technical director at Thales UK.

“Cybercriminals are all too aware of the vulnerabilities that exist for businesses during the pandemic, and have taken advantage of potential distractions and disruptions facing organisations.”

In connection with the need to step up to the challenge, the report said the problem, however, is compounded by the fact that businesses seem to be struggling to administer the kind of cybersecurity measures they need to fully address the challenge.

Fewer businesses are using security monitoring tools than last year, with a particularly sharp drop-off in organisations using any kind of monitoring at all, according to report.

As such, it’s possible that many organisations are simply less aware of the breaches they’re facing and the threats to their operations.

This head in the sand approach is highly questionable, not least because over a quarter of organisations said that they were suffering from attacks on a weekly basis.

By far the most common form of attack was phishing, with an incredible 83% saying that they faced this risk on a regular basis.

In terms of a sweeping impact of breaches, the report added that these attacks are also having a significant impact on organisations, with over 20% reporting that attacks resulted in a loss of either income, data, or other key assets in the process.

Even if there wasn’t an explicit loss, many of those attacked had to implement operational changes to try and protect themselves from follow-on attacks, which takes resources away from operational matters.

Given these consequences, it’s heartening to see that cybersecurity is a growing priority for executives, said the report.

In bolstering security, it is noted that of the organisations that have been able to implement some operational changes, the use of Virtual Private Networks was by far the most common, with many organisations also turning to cloud servers to help accelerate any of the digital transformations they have undertaken.

“Whilst cloud servers and rapidly rolled out digital transformation strategies have enabled companies to operate remotely in the wake of Covid-19, cloud services may not offer the same protections that internal servers do and many businesses have been caught out.

“This failure to install appropriate cybersecurity measures can lead to serious reputational, financial and business risks for organisations,” Technical Director Harris suggested.