Most businesses expect cybersecurity threats to increase over the next year
Complex firms are easy to attack, report warns
Today’s business landscape is creating an environment in which cybercrimes can thrive, and this threat is only set to increase, a new study has found.
Polling 3,600 business and technology executives from around the world for the report, PwC found multiple factors contributing to the rising threat of cybercrime, including lower barrier for entry for numerous types of malware attacks, rising complexity of organizations due to mergers and acquisitions, remote working, or multi-vendor environments, to name but a few.
As a result, two-thirds (66%) of UK business leaders believe the cybercrime threat will only increase, going forward, mostly fearing ransomware attacks, business email compromise, and viruses delivered via software updates.
Challenges
For Bobbie Ramsden-Knowles, Crisis and Resilience Partner, PwC UK, there are things businesses can do, especially when it comes to ransomware:
“Whereas other types of crises may be perceived as 'black swan' events that can not be predicted, ransomware attacks have become so widespread that we have seen a common set of challenges and decisions that all organizations would face,” he said.
“Developing - and aligning - ransomware playbooks for executive crisis teams and operational responders is a no-regrets move. And, testing these through wargames and exercises can reduce uncertainty, build confidence in the ability to respond and help prioritise focus on preventative measures.”
Rising complexity in business operations is only rubbing salt in an already open wound. Growth, mergers, and acquisitions, as well as rapid adoption of new technologies and endpoints, have made security difficult, with 86% of business leaders stating the levels of risk are “concerning”.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Attacking clouds
The majority (64%) expect more attacks against their cloud infrastructure, it was said, yet less than half understand cloud risks, based on formal assessments. Supply chain risk is no different - most firms expect more breaches through this attack vector, yet just 42% have formally assessed their exposure.
To combat the threat, most firms are upping their security budgets for the coming year. However, simply throwing money at a problem does not mean it will go away. Richard Horne, Cyber Security Chair, PwC UK said businesses need to ensure the best possible ROI.
“Our research found that few organizations are confident they are reaping the rewards from increased spending. For example, while 37% of UK respondents said they had implemented cloud security at scale, just 18% are fully realizing the benefits of their investment. The remainder either weren’t investing in this area or hadn’t yet implemented it at scale.
“To overcome this challenge and build greater confidence in their security investments, organizations must improve their cyber risk modeling and analysis. This ensures increases in cyber budgets are allocated to priority risks and help build long-term resilience,” he concluded.
- Stay protected with the best antivirus around
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.