UK companies pay more attention to cyber security
We reported a few weeks ago on research showing that cloud security was becoming a concern outside the IT department and having an impact on the boardroom.
Now a new study in the UK by Tom Neaves, Managing Consultant at security specialist Trustwave backs this up, showing that cyber security is increasingly becoming a corporate issue.
Looking at the annual reports of UK companies over recent years, the findings show that in 2012, just 49 percent of FTSE 100 companies made a reference to cyber security. In 2013, the number increased to 60 percent. And in 2014, more than three-quarters of companies (76 percent) referenced it.
There are also changes across industry sectors. Neaves says, "In 2012 and 2013, the utilities industry remained stagnant at 60 percent of companies recognizing cyber security. In 2014, that number rose to 80 percent. On the other side of the spectrum, the oil-and-gas industry saw no change in 2014 at 85 percent. But that’s still a vast majority. I also saw a significant jump in the financial and health care industries, both showing an increase of 25 percent".
As to why companies are taking security more seriously, it could be due to a number of things, the number of data breaches that made news headlines in 2013, increases in the number of internet-connected control systems, as well as involvement at a Government level to help improve cyber security across all businesses such as the UK government's Cyber Essentials Scheme.
Neaves concludes that increased recognition of security at board level is a step in the right direction, but notes, "...a security program is only as good as the people who manage it. If businesses lack the manpower and skillsets to ensure their controls are installed, updated and working properly, they should augment their in-house staff and partner with a third-party team of experts whose sole responsibility is to protect their information".
You can read more about the findings on Trustwave's blog.