Why Inadequate Investment in Cybersecurity is a False Economy


By Luke Dash, CEO, ISMS.online

Already suffering the most cyberattacks than any other European country [RH1], the UK looks set to experience a proliferation of vulnerabilities as businesses struggle to manage costs prudently.

The country’s cybersecurity agency has warned that the next five years will see an explosion of “hackers for hire” that will lead to more cyberattacks and an increasingly unpredictable threat landscape.

Already, the growth of cyber tools and services saw cyber-attacks reaching an all-time high in 2022 – exacerbated by increased hybrid working and geopolitical events such as the Ukrainian conflict. Adding to the threat is a broader range of off-the-shelf products that lowers the barrier to entry, with more state and non-state actors obtaining capabilities and intelligence not previously available to them.

Our latest State of Information Security report surveyed 500 information security (infosec) professionals in the UK and found that six in ten businesses faced at least one data breach fine in the past twelve months. Financial data was the most popular target.

Not just about the money

No organization is immune to cyber breaches, some of which can have dire consequences. Even a minor ransomware attack can do anything from halting production to collapsing a business.

The financial costs of cybercrimes continue to increase exponentially in the UK, with average fines soaring to almost a quarter of a million pounds over the past 12 months. But it’s not just about the money. The reputational damage and loss of customer loyalty can be even more damaging in the long run.

Alongside this are expenses incurred by the targeted business to perform security repairs and damage control, which may even be a case of too little too late. Research from 2020 found that 59% of consumers would likely avoid doing business with an organization that had experienced a cyberattack in the past year.

Moreover, UK businesses are at the forefront of the country’s cyber defences, obliging them to help defend against foreign threats. At the recent CyberUK conference in Belfast, newly appointed Deputy Prime Minster Oliver Dowden warned of credible incoming attacks by unpredictable actors targeting critical national infrastructure and supply chains.

The rise of this new cybersecurity threat is particularly worrying since these actors are more ideologically motivated than financially motivated. This tendency is a wake-up call for UK businesses to approach information security proactively.

Time to break down the barriers 

Even though 90% of infosec leaders view information security as a top priority for leadership teams, only around two-thirds (64%) expect to increase their infosec budgets in the next 12 months. In our report, a significant cohort (39%) listed budget constraints as their top challenge.

But budget constraints shouldn’t stand in the way of a business having solid cybersecurity measures in place. Companies need to understand that investing in infosec protects information assets, builds trust, wins business, and highlights efficiencies that make a noticeable difference to their bottom line.

The potential impact of breaches can be crippling for businesses. Yet, many companies are unaware of the severe damage fines could inflict on them, let alone the threat to reputation and customer loyalty. These costs are too hard to ignore, and companies must invest in strong information security practices to protect their assets and build trust with their customers.

Good information security practices are good for business as it reduces the risk of severe financial penalties. We must invest in them to protect our assets and build customer trust. In fact, investing in information security before falling victim to a cyberattack places a company in a much stronger position and saves money in the long term.

Now’s the time to prioritize information security, increase budgets, and invest in the tools and technologies to help us stay secure in the face of a growing threat landscape. So, when the time comes for companies to re-evaluate their budgets, don’t be the one to skimp on cybersecurity.

[RH1]Source: https://techmonitor.ai/technology/cybersecurity/uk-cyberattack-europe-ibm

About the Author

Luke Dash is a dynamic, forward-thinking business leader passionate about technology and innovation. With over 15 years of experience leading successful sales, product and business development teams, Luke has built an impressive reputation as an expert in business strategy, operations, and commercial performance from start-ups to large enterprises.

Currently serving as the Chief Executive Officer at ISMS.online, a leading SaaS governance, risk and compliance solution, Luke has been instrumental in driving the company’s growth and success and is passionate about the information security and data privacy compliance landscape.

Having seen first-hand that good infosec delivers business success, Luke is committed to ISMS.online’s purpose to empower every organisation to achieve simple, sustainable security.

Luke regularly contributes to industry and broadsheet publications, including Computer Weekly, Business Insider, CSO Online and Tech Nation.

Luke can be reached at our company website isms.online.



Source link