New study reveals key trends in cybersecurity during COVID-19 and lack of preparedness
Forty eight percent of businesses have experienced a cyber breach during the COVID-19 pandemic and another 8% ‘were not sure’, according to a survey by security company SecureAge Technology.
Polling 200 employers and 400 employees from around the UK business world during Q3 2021, the study examined key cybersecurity topics and trends.
In addition, 16% of employees said they had personally had to deal with a cybersecurity incident during the same period.
While attacks were targeted specifically at the vast number of people forced to work from home, the SecureAge survey shows that many employers did not provide the level of cybersecurity training to raise awareness of critical threats.
Less than 50% of employers that responded said they provided formal training in detecting and handling suspicious emails, password security and protecting sensitive information when working remotely.
The SecureAge survey also highlights a lack of trust in cybersecurity defences. Only around a third of employers and employees said that they are “very confident” that their cybersecurity infrastructure would protect them from a cyberattack.
The pandemic has exposed shortcomings in cybersecurity that are now being addressed. The survey shows that some two-thirds of businesses (66%) are set to boost their investment in cybersecurity, with around 32% of these planning to increase budgets by up to 50%. Meanwhile, 86% of employers have already begun to adopt new security measures to cope with the remote workforce.
“While companies seem committed to improving their resilience, it’s important that they spend the money wisely,” said Nigel Thorpe, Technical Director at SecureAge Technologies.
“There is an increasing acceptance that it is impossible to prevent every employee clicking on a malicious link or preventing a determined cybercriminal from gaining access to systems and networks. It’s time to move away from the ‘castle and moat’ approach and spending thousands on employee training to take back control with a simple data-centric strategy that focuses on protecting the data itself.”