A new report has found that, although many companies are increasing spend on cyber security, many are still falling short on some of the most basic points.
The findings, released by PwC in the same week the National Cyber Security Centre opened in the UK, found that organisations are now spending around £6.2 million on information security. This is a massive increase from average investment in 2015, which totalled just £3 million.
As well as being significantly higher than what they were spending 12 months previously, the amount companies in the UK are investing in data security is also much greater than their global counterparts. According to PwC's research, organisations outside the UK recorded an average spend of just £3.9 million.
Although British companies are investing more than their global counterparts, it appears as though this does not go hand-in-hand with a comprehensive prevention strategy, with nearly a fifth (18 per cent) unaware of how many cyber attacks they had experienced in the last year.
In addition, 17 per cent of the respondents to the annual Global State of Information Security Survey 2017 who had suffered a breach said they were unsure about what the source of the breach was.
Separate research conducted by Quocirca found that the vast majority of companies across Europe understand the potential danger of targeted attacks. Around a quarter (24 per cent) believe it's inevitable that they will be the victim of cyber attacks at some point, and this was concerning for many.
Just six per cent of respondents thought reports on cyber attacks were exaggerated or they were unaware of the dangers.
The research for Quocirca's new report, called The trouble at your door sponsored by Trend Micro, looked at 600 organisations across Europe and found 251 successful cyber attacks among them. Of these companies, 133 had lost information, while 94 had suffered serious or significant reputational damage.
According to their findings, European enterprises have at least a one in five chance of losing data through a targeted cyber attack. There is also a legitimate concern for those organisations that fall victim to this type of crime but are unaware that it has happened to them.
With security incidents now costing £2.6 million on average, it's important that businesses know the best ways to defend themselves against potential attacks. Figures show that companies of all sizes and in countries all around the world are being targeted by cyber criminals, so no matter what type of industry a business may be in, it's crucial that it is prepared for such an attack.
Here are some ways that companies can help ensure they will have some protection against cyber criminals
Encrypt your data
Perhaps the most important first step towards safeguarding a business - and its customers - against any information theft is to encrypt any data you have stored. Whether this is on your own server, cloud, or a hard drive, encryption can help protect your sensitive information from falling into the wrong hands.
With the right tools, cyber criminals can bypass whatever security measures you have to protect your data and access whatever is stored on it. This means that full disk encryption technology is enabled so that if anyone is able to steal your data, anything they see will be scrambled.
Increase employee awareness
When it comes to data security, it's almost impossible for one person to have full control over everything and ensure that information is safeguarded. This is why it's so important to have your employees engaged with data security and aware of the dangers that cyber crime poses to the business. More and more companies are using their workforce to help fight against cyber attacks. Training can help people understand the basics of cyber crime and what they can do to prevent sensitive information from falling into the wrong hands.
Although you can get security consultants to deliver training, you can't expect your employees to know all that an expert does. One of the best ways to combat cyber crime is to outsource your online security, unless you have the budget and resources to hire your own full-time professional. Going to a specialist company to handle your online security helps take some of the responsibility away from your business, allowing experts to handle the most sensitive matters.