For the first time, cyber-attacks have overtaken hardware failure and human error as the leading cause of data loss.
Just six years ago, cyber-attacks and internal breaches accounted for only 13% of attacks. Since then, we’ve watched malicious attacks transform from minor concerns to nothing less than the single largest threat to an organisation’s data.
Here, we’ll break down some of Databarracks’ findings in the latest iteration of its Data Health Check report.
How Prepared are You?
Business Continuity Plans have seen a steady growth in adoption over past surveys conducted by Databarracks and this
year is no different with another large increase – from 71% to 77%.
More companies than ever are adopting data retention policies too. Digging a little deeper into the data, however, tells another story. There is a significant disparity between large and small organisations.
Across industry, Banking & Finance was the leading sector in up-to-date Business Continuity Plans (61%).
Overall, organisations are better prepared for ransomware attacks this year, using a wide range of methods to detect ransomware – the most common being network monitoring and the use of honey pots at 36% and 25%, respectively – before it can cause any lasting damage.
There was also a sizable increase in organisations having a policy for how they will deal with a ransomware attack, compared to last year.
For now, paying the ransom is still the most common response to a successful attack (44%).
A third of those surveyed did not pay and used their backups to recover.
Are companies taking the Russian cyber-threat seriously?
With no immediate end in sight for the conflict in the East, the NCSC has warned UK firms to be on high alert for possible Russian cyber-attacks. Many organisations took direct action, but once again, how much depended on the organisation’s size.
Notably, almost three quarters of small businesses said they weren’t taking any precautions to mitigate the impact of a possible Russian cyber-attack.
Although small companies experience fewer cyber-attacks when compared with larger organisations, it is important they are not complacent. The impact of an attack on one of these companies can be catastrophic.
Across the board of security precautions taken to mitigate the impact of a potential Russian cyber-attack, the majority (40%), said they had updated/implemented anti-virus software, followed by updating logging and monitoring at 31%.
As we’ve seen, cyber threats cannot be ignored – so what are organisations doing to manage their risk?
More companies than not carried out cybersecurity training in the last six months. However, organisations still feel they are lacking the right cyber skills to offset their risk – here, we see a huge disparity with 61% of small companies acknowledging this compared to just 29% in large companies.
Again, digging deeper into the data, industry also matters in this regard. Companies in Banking & Finance were the most likely to have a board member responsible for cyber security (75%) while the Professional Services sector had the lowest number at 32%.
While the report’s data held plenty stark warning, there’s also reason for optimism. More organisations have Business Continuity Plans, cybersecurity training is more frequent and organisations are being more proactive in their defence against cyber threats.
Looking ahead, the rate of growth in cyber-attacks is unlikely to slow. That is why it’s imperative that the right security measures are in place so when it does happen – you can respond quickly and efficiently.
Get the latest news from DIGIT direct to your inbox
Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.
To subscribe, click here.