A majority of organisations lack confidence in their cyber spend, according to a survey by an audit firm. Just 38pc of UK respondents are ‘very confident’ their cyber budget is allocated to the most significant cyber risks, compared to 44pc globally, according to PwC. Similarly, only 36pc of UK respondents are very confident they are getting the best return on their cyber spend versus 42pc globally. Despite this, a majority, 56pv of UK respondents are planning to increase their cyber budgets in 2021.
Richard Horne, Cyber Security Chair at PwC said: “It’s surprising that so many organisations lack confidence in their cyber security spend. It shows businesses need to improve their understanding of cyber threats and the vulnerabilities they exploit, while changing the way they think about cyber risk so it becomes an intrinsic part of every business decision.”
New hires in the UK are expected to possess more than just technical knowledge. When asked which cyber security skills were most in demand, UK respondents cited security intelligence (46pc) and the ability to work with cloud solutions (40pc) as the most important skills for new employees, closely followed by communication (38pc), project management (38pc) and analytical skills (37pc). This reflects the evolution of the industry, with cyber teams now required to work collaboratively with the rest of the business to develop a strategic, analytical approach to cyber security.
Daisy McCartney, Cyber Security Culture and Behaviour Lead, PwC said: “As cyber security becomes a strategic priority, organisations should be hiring talent from more diverse backgrounds. Security teams need a mix of soft and technical skills coupled with business knowledge – this helps improve collaboration with senior leaders and ensures that cyber security decisions support the organisation’s strategic goals.”
Near all, 96pc of UK respondents said that they will shift their cyber security strategy due to Covid-19. Half are now saying they are more likely to consider cyber security in every business decision. A third of UK respondents (34pc) plan to accelerate their digitalisation plans due to covid.
Comment
Matthew Gardiner, Principal Security Strategist at cyber firm Mimecast said: “It is really positive to see that organisations are starting to take cybersecurity more seriously. Our Threat Researchers found that COVID-19 has opened new opportunities for threat actors in the first months of 2020, with a 35% rise in email-based malware threats from January to April. These threat actors will be looking to take advantage of lockdown 2.0 and it is important both businesses and employees are ready for this.
“Further Mimecast research shows that after working from home for several months, British employees have developed some lax cybersecurity habits. The research shows that 63pc are using their personal devices regularly for personal business and almost half (49pc) are opening attachments from unknown sources. These bad practices result in more cybersecurity incidents across businesses, with three in four IT leaders witnessing cybersecurity issues once a month or more – more worryingly, 20pc of them admit occurrences happen more than once a day. With all of this, it is no surprise to see organisations concerned about a cyberattack in the near future. To prevent this, they must invest properly in their cybersecurity programs, including awareness training.”
About the survey
‘Global Digital Trust Insights 2021:Cybersecurity comes of age’ is based on PwC’s survey of 3,249 business and technology executives, including 265 in the UK. To find out more about the UK cut visit: www.pwc.co.uk/issues/cyber-security-services/insights/cyber-security-strategy-2021.html.
