The UK's cyber threat environment is intensifying according to the findings of a new survey.
The results of the poll, conducted by Carbon Black, reveal that 88% of UK firms have been breached in the past 12 months. Malware is the most prolific attack type in the UK, with more than a quarter (27%) of organisations naming it the most commonly encountered. Ransomware holds second position (15%).
However, the report warns that human error also plays a significant role, with phishing attacks at the root of one in five successful breaches. Weaknesses in processes and outdated security technology are also factors in a quarter of breaches.
Over the past 12 months:
- 87% of organisations have seen an increase in attack volumes;
- 100% of government and local authority organisations have been breached, 40% more than five times;
- 98% of financial services companies have reported breaches.
"We believe UK organisations are still under intense pressure from escalating cyber attacks," said Rick McElroy, head of security strategy for Carbon Black. "The average number of breaches has increased, but as threat-hunting strategies start to mature, we hope to see fewer attacks making it to full breach status."
Nine out of ten (93%) of organisations say they plan to increase spending on cyber defence. In addition, 60% of UK organisations surveyed said they are actively threat-hunting and more than a quarter (26%) have been doing so for a year or more.
"We believe threat-hunting is an integral part of a mature security posture," McElroy said. "It's encouraging to see this number continuing to climb."
Another new report has warned businesses to tighten cyber security as Making Tax Digital (MTD) approaches. Digital specialist Xcina has urged accountants, in particular, to tighten security before MTD comes into force on 1 April 2019 and to flag up the risks to staff and clients.
"With MTD being so new, criminals will view this as the perfect time to trick the unsuspecting into revealing confidential information," said Michael Stevens, Xcina ceo.
"As much of the latest cyber breach research shows, it's employees within organisations that present the biggest vulnerability. There needs to be far more awareness, and education, around this issue as people are unaware that they could be a target, nor do they know how to respond when they are targeted."
The Institute of Chartered Accountants in England and Wales (ICAEW) has also raised concerns around cyber housekeeping following MTD. In addition, the Treasury Select Committee said: "The potential for hacking and cyber attacks will increase and ... guidance on protecting businesses and individuals needs to be available."