– Organisations report distinct lack of in-house cyber skills –
Research from Databarracks has revealed that nearly half of UK organisations (47 per cent) feel that they have insufficient skills in-house to deal with the current cyber threat landscape. These figures are from the 2016 Data Health Check, a survey of over 350 IT decision makers in the UK.
The report, published last month, revealed that two thirds (66 per cent) of people questioned had been affected by a cyber threat in the past 12 months, with just 53 per cent of organisations feeling they have sufficient cyber security skills in their team to deal with attacks of this nature. The results support findings from the British government, which last year added cyber security to the UK skills shortage register.
Oscar Arean, technical operations manager at Databarracks, commented on the results: “The increase of cyber threats on UK organisations matches exactly what we see day-to-day – just a third of the respondents in our study remained unscathed by an attack in the last 12 months. Reassuringly though, the number of people looking to improve their security policies is increasing year on year, with a third of respondents in 2016 admitting they had reviewed policies and made changes following an attack, as opposed to 29 per cent in 2014.
“I was not surprised to see the number of organisations with concerns about internal cyber security skills, especially in light of the government’s findings from last year. The threat of a cyber-attack should be a major concern for all, but there are steps organisations can take to better equip themselves to deal with threats, and we’re already beginning to see that shift. Many organisations won’t have considered factoring these risks into their continuity plans until fairly recently.
“In the last 12 months over half of respondents have invested in new safeguards to protect specifically against cyber threats. Ongoing cyber awareness training, cyber threat monitoring software, and official cyber security policies were the most common investments in cyber security organisations made in the last year. This is a definite step in the right direction, but it seems that current resilience planning is mostly inward-looking at this point, as only 5 per cent of respondents had invested in a certification to a cyber security framework. Considering confidence in in-house skills is so low, it’s likely we’ll see an increase in adoption of security frameworks in the coming years.”
Arean concludes: “Ultimately, cyber threats aren’t going anywhere. It’s encouraging to see organisation reviewing and updating security policies following attacks, but the next step is to become more proactive. It’s better to invest in good practices now than pay the price later.”
Download the full Data Health Check report here.
View the online infographic here.
[su_box title=”About Databarracks” style=”noise” box_color=”#336588″][short_info id=’60468′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.