Many businesses are taking cyber security seriously. However, a higher level of awareness and expertise is needed on boards of directors in view of the unprecedented shift to home working and heightened geopolitical tensions – notably, Russia’s invasion of Ukraine. That’s according to the Institute of Directors, which polled some 600 directors.
Dr Roger Barker, the Institute’s Director of Policy, said: “Hybrid working is here to stay. However, a remote workforce brings with it enhanced cyber risks, with employees relying on their home networks – and sometimes their own devices – to complete tasks. Companies have not yet fully adjusted to this reality.
“Furthermore, cybersecurity authorities have warned that Russia’s invasion of Ukraine exposes organisations both within and beyond the region to increased malicious cyber activity.
“A significant proportion of IoD members are concerned about their ability to access cyber insurance cover. During the last year, cyber insurance rates have increased significantly, and there are uncertainties around what is and isn’t covered by insurance, particularly with respect to exposure to state-sponsored cyber attacks.
“The National Cyber Security Centre is a key source of guidance for companies seeking to address current cyber challenges. In particular, the NCSC’s toolkit for board members represents an essential reference point for directors in their oversight of cyber security.”
Comment
Jamal Shakir, VP of UK at the email security product company Mimecast said: “These findings show that the geopolitical climate and the world of hybrid work have created more cyber-threats than ever before. This echoes Mimecast’s recent State of Email Security report which found that 71pc of UK businesses have witnessed an increase in the volume of email threats their organisation has faced in the last 12 months, with includes phishing with malicious links or attachments (56pc), impersonation fraud or Business Email Compromise (53pc), and malicious insiders (43pc) the most common threats. Businesses must do more to protect themselves from these attacks, and it is positive to see from the IoD research that many business leaders are taking the threat seriously and ensuring that cybersecurity is considered in every business decision.
However, more still needs to be done. Business leaders need to consider cyber risk as being business risk, building cyber resilience layers will help businesses grow and de-risk their operations. To overcome this growing threat landscape, UK organisations should think about a layered approached to technology to bolster their cybersecurity defences. Our research shows that the 40% of UK organisations that are already using AI as part of their cybersecurity strategy are already seeing a number of benefits, including increased accuracy in terms of threat detection (54pc), reduced human error within cybersecurity team (51pc), and reduced workload/working hours for cybersecurity team (45pc). There is no doubt that cybersecurity attacks will continue to rise, so there has never been a better time to invest in ensuring cybersecurity and keep the criminals out.”
