Most big businesses “still failing” to recognize cyber risks, survey finds

A survey of top businesses in the UK found that 86% of the largest firms traded on the London stock exchange do not even consider cyber risks when making decisions.

The survey found that just 14% of FTSE 350 firms even took cyber risks into account at board level, according to a survey from the Department for Business, Innovation & Skills. Only a quarter of those surveyed see cybersecurity as a top priority.
The news follows a warning from professional services firm KPMG that large British businesses regularly risk sensitive information such as email addresses by sharing documents online, according to PC Pro.
Despite this, 62% of companies think their board members are taking the cyber risk very seriously. Many board members receive no intelligence at all about cybercrime, the report said.

David Willetts, Science Minister, said: “The cyber crime threat facing UK companies is increasing. Many are already taking this extremely seriously, but more still needs to be done.We are working with businesses to encourage them to make cyber security a board-level responsibility.”

Information Age reported that the same government department had published a report in April, showing that 93% of large firms had fallen victim to a breach in the past year. Several of these breaches cost the companies millions, Information Age reported.
The UK government is now attempting to establish a standard for cyber security – backed by the country’s new National Cyber Security Program. Other departments have been even more vocal on the issue.
Earlier this year, the head of British intelligence agency GCHQ (Government Communications Headquarters) said that mainstream media reports offered a mere “snapshot” of cybercrime, as reported by We Live Security here.

“Cyberspace is contested every day, every hour, every minute, every second,” said Sir Iain Lobban, Director of GCHQ. Sir Iain said that although cyber attacks are now reported frequently in the media, the reports still fail to capture the scope of cybercrime.

“GCHQ’s cutting-edge technology adds a unique perspective on the issue, illuminating the threats in cyberspace. And I have to say that the incidents I see described in the media are just a snapshot of what is going on,” he wrote.

“On average, 33,000 malicious emails a month are blocked at the gateway to the Government Secure Intranet – they contain sophisticated malware, often sent by highly capable cyber criminals or by state-sponsored groups. And a far greater number of e-mails, comprising less sophisticated malicious e-mails and spam, is blocked each month.”