Cyber incident management, preparation and planning is key state experts

Published on

According to the government’s Cyber Breaches Survey 2019, 32% of businesses that experienced an attack in the past 12 months needed new measures to prevent further attacks and only 31% of businesses surveyed had carried out a cyber risk assessment in the past 12 months.

UK businesses remain underprepared for cyber incidents says Cyber Security Connect UK, the leading conference and industry forum for CISOs. According to the government’s Cyber Breaches Survey 2019, 32% of businesses that experienced an attack in the past 12 months needed new measures to prevent further attacks and only 31% of businesses surveyed had carried out a cyber risk assessment in the past 12 months. With the risk of cyber-attacks heightened and the cost of cyber incidents rising, the stakes have never been higher for British business, says CSCUK.

Michele Hanson, global CISO at MicroFocus and CSCUK steering committee member said: “Research shows that in the first half of 2019 cyber-attacks on British businesses were up by 45% on last year. With this in mind, it is not ridiculous to assume that an attack will likely happen to your business in the near future. Despite this fact, surveys also consistently show that companies feel underprepared or not prepared for cyber-security breaches. There are many reasons why this is the case for businesses, including complex IT infrastructure and a lack of planning perhaps but the reasons to rectify these issues are much more prolific. Reputation, customer confidence and therefore customer loyalty could all be effected by a breach so being prepared is vital.”

Martin Smith, Cyber Security Connect UK Conference Chair and Chairman and Founder The SASIG, added: “The excuses for being underprepared for cyber incidents are running out. Having the basic defences in place, as well as a clear idea of how your processes are tested and how you would act should an incident occur is within everyone’s grasp, with the right information and support and this is out there. We would urge British businesses to start acting now and to put incident response at the core of any plans made. Waiting too long and paying the consequences for doing so could be devastating.”

Best practice in regard to cyber incident management will be a key area of discussion during Cyber Security Connect UK 2019.