UK businesses received, “on average, £237,402 worth of fines following data breaches or violation of data protection rules in the last 12 months, with half (50%) of respondents listing financial data as the most likely to be compromised.”
The findings come from ISMS.online’s latest State of Information Security report, which comes in light of the UK’s cyber security agency warning that the number of “hackers for hire” is set “to grow over the next five years, leading to more cyber attacks and increasingly unpredictable threats.”
Additionally, the newly-appointed Deputy Prime Minister Oliver Dowden recently “warned of credible incoming attacks targeting critical national infrastructure and supply chains by unpredictable actors.”
Luke Dash, CEO, ISMS.online, says:
“The potential impact of breaches can be crippling for businesses with the average fine nearing a quarter of a million pounds. We see time and time again companies unaware of the potential impact fines could have on them, let alone the threat to reputation and customer loyalty.
Data breaches were “the second most reported cybersecurity incident (36%) facing businesses after phishing attacks (39%).”
Financial data, “the most likely type of data to be compromised according to half of respondents (50%), was followed by customer data (48%) and employee data (42%).”
According to the survey, businesses “respond to cyber incidents by increasing information security budgets and team sizes.” However, in many cases “this is too late with businesses facing heavy financial penalties following an attack, not to mention the immeasurable reputational damage a breach can cause.”
Despite 90% of infosec leaders “agreeing that leadership teams view strong information security as a top priority, only two thirds (64%) expect to increase their infosec budgets in the next 12 months and just over half (54%) intend to bolster their teams.”
A significant cohort (39%) “listed budget constraints as their top challenge.”
Dash continues:
“Budgets are tight and businesses in the UK are facing rising costs across the board but not investing in key areas to do with cyber security is a false economy. Investing in infosec not only protects information assets but also builds trust, wins business, and highlights efficiencies that make a measurable difference to an organisation’s bottom line. In other words, good information security practices are good for business.”
You may check out the latest State of Information Security report here.
ISMS.online reportedly “surveyed 500 information security (infosec) professionals in the UK, comprising managers, directors, and C-level executives.”
As noted in the update, ISMS.online claims it is “a leading SaaS company empowering every business to achieve simple, secure and sustainable data privacy and information security through its people-friendly platform.”
Headquartered in the U.K., “with employees worldwide, ISMS.online has more than 12,000 users globally and works with a wide range of organisations — including enterprise brands like New Day, FDM, and Amigo.”
In 2020 they reportedly “saw the trend in forward-looking companies seeking to gain a competitive edge by extending their ISMS with a PIMS, which will only grow as the threat landscape does.”
They’re pleased “to be empowering companies seeking to ensure their infosec and privacy with a combination of ISO 27001 and 27701 using our platform.”
As forward-looking companies seek to gain a competitive edge by extending their ISMS with a PIMS, demand for which “will only grow as the threat landscape does.”
They’re looking forward to “empowering companies seeking to ensure their infosec and privacy with both ISO 27001 and 27701 using our platform.”