Intelligent CISO Issue 74 | Page 27

EDITOR ’ S question

WHAT LESSONS CAN BE TAKEN FROM THE UK

GOVERNMENT ’ S CYBER SECURITY BREACHES SURVEY 2024 ?

he cyberdefences of UK businesses are

T faltering as 50 % of businesses reported a cyberattack or breach over the past 12 months , according to the government ’ s latest Cyber Security Breaches Survey 2024 .

The figure rose substantially among medium businesses ( 70 %) and large businesses ( 74 %), while 32 % of charities were subject to an attack or breach .
Phishing was by far the most common threat type facing businesses , attacking 84 % of targeted businesses . While organisation impersonation and virus or other malware were the next most common threatening 35 % and 17 % of targeted businesses respectively .
The increased threat landscape comes despite a rise in cyberhygiene , with 83 % using up-to-date malware protection , up from 76 % last year , and 75 % deploying network firewalls , up from 66 %.
The most disruptive breach over the past year cost each business an average of approximately £ 1,205 .
“ From the Prime Minister to large enterprises to charities , anyone and everyone can be targeted by a malicious cyberattack ,” said Achi Lewis , Area VP EMEA for Absolute Software . “ It ’ s more important than ever for organisations to have cyberresilience underpinning robust defence measures , emphasising reactive , preventative and recovery procedures , as threats are a case of when not if .
“ Especially in today ’ s work-from-anywhere world , security teams need visibility over an organisation ’ s entire network to protect devices , applications and ultimately staff .
“ Secure access technology can establish trust between devices and a network , alerting centralised IT teams to suspicious behaviour and providing them with the power to freeze or even shut down potentially compromised devices . An approach to
From the Prime Minister to large enterprises to charities , anyone and everyone can be targeted by a malicious cyberattack .
security that includes cyber-resilience built into defences is the best way for targeted organisations to ensure their measures are working as needed to avoid being breached .”
In total , 31 % of businesses claimed they have undertaken cybersecurity risk assessment over the past year , while a third ( 33 %) deployed security monitoring tools to bolster their defences .
“ There is no doubt that developments such as AI have made the job of security teams more difficult over the past year , increasing the volume and sophistication of external threats , as well as creating an open door for insider threat through tools like ChatGPT ,” said Oseloka Obiora , CTO , RiverSafe . “ Now , organisations need to be even more aggressive with their response and remediation plans if they are to withstand a new flavour of AI-generated cyberattacks .
“ To increase preparedness , security teams need robust network visibility to enable them to swiftly detect and address vulnerabilities across systems , mitigating the impact of cyberthreats , especially across complex or dispersed IT systems ,” added Obiora .
The number of businesses insured against cybersecurity risks rose from 37 % to 43 % over the past 12 months , a figure which rises among medium and large companies .
WWW . INTELLIGENTCISO . COM 27