Earlier this month BlueCoat and Experian released independent reports which painted a bleak picture of UK firms' information security practices, finding in particular that companies didn't have appropriate incident response plans, or carry out appropriate risk and security assessments.
In a study which consulted 1,580 infosec professionals, BlueCoat found that nearly a third of UK businesses admitted to a data breach in the last year. However, despite this, it was the high-profile breaches (cited by 61 percent of businesses) which had driven home the importance of cyber-security.
Mark Kedgley, CTO, New Net Technologies comments, “The report is concerning and unfortunately the results tally with our experience within the market, where US companies are generally taking cyber security more seriously than their UK counterparts.
“Not only are businesses unprepared for a breach, the majority would not actually be aware that they had been subject to a breach until months later. The security world is preoccupied with the idea of stopping breaches but this report reinforces the evidence that it is time for a change in attitude and a shift towards a defense and breach detection strategy.
“Modern IT environments need to start operating Security Best Practices – remove vulnerabilities then maintain Hardened System Integrity through change control. It is only by spotting the breach in time that an organization has any chance of effectively managing security.”
You can read the full article on SC Magazine here.