Story image

UK most breached country in EU but businesses are blissfully naïve

30 May 2018

The United Kingdom has won an award after taking out Europe’s most breached country of last year – and perhaps the most unaware.

This was after the 2018 Thales Date Threat Report (European Edition) noted a year-on-year increase in the number of attacks to the UK from 43 percent to 67 percent.

Despite this spike, British businesses claim to feel less vulnerable to data threats when compared to those across Germany, Sweden, and the Netherlands.

2017 saw a number of high-profile cyberattacks across Europe with ransomware cryptoworm, WannaCry and wider-reaching malware, Bad Rabbit, crippling thousands of systems including the UK’s National Health Service (NHS).

In terms of organisations, large-scale names like Equifax, Accenture, and T-Mobile all painted the headlines as victims of cybercrime. While more organisations across Sweden and the Netherlands admitted to being breached in the past (78 percent and 74 percent respectively, as opposed to 67 percent in the UK), the last 12 months was a very different story:

  • 37 percent of businesses across the UK were breached
  • 33 percent of German respondents were breached
  • 30 percent of organisations in Sweden were breached
  • 27 percent of respondents across the Netherlands were breached

Despite these findings, just 31 percent of UK organisations said they feel ‘very’ or ‘extremely’ vulnerable to data threats, leaving the majority at 69 percent to feel ‘somewhat’ or ‘not at all’ vulnerable. In contrast, businesses in Sweden claimed to feel the most vulnerable with 49 percent, followed by the Netherlands on 47 percent and Germany on 36 percent.

While 7 in 10 British businesses have upped their cybersecurity spending from the previous year (with 15 percent stating it to be ‘much higher’), the report reveals the UK is still falling behind its European counterparts. For example, three quarters of businesses in Sweden have increased their budgets, while 39 percent say it is ‘much higher’.

In spite of all these findings, the UK it seems is actually in good stead when it comes to GDPR compliance when compared to its European neighbours.

Businesses had around two years to prepare for the implementation data of GDPR, but there have still been high rates of failure for compliance audits, especially in the last year.

Swedish businesses ranked the highest for failure, with 49 percent missing the bar compliance audits. Next up was the Netherlands with 38 percent, followed by Germany with 33 percent. Meanwhile, just 19 percent of UK organisations reported failed data security audits within the last year.

Furthermore, all European countries – aside from the UK – showed decline in their efforts to meet compliance. Despite the drop, all respondents cited compliance as being effective when it comes to preventing data breaches.

Thales eSecurity chief strategy officer Peter Galvin says a tidal wave of data breaches is rolling across Europe, with three in every four organisations now a victim of cybercrime.

“As a result, people are feeling more vulnerable than ever before, worried about where the next threat will come from, and in what form. To stand the best chance of success against these advanced attacks, businesses need to dedicate the appropriate level of attention, budget and resource into safeguarding their sensitive data, wherever it happens to be created, shared or stored,” says Galvin.

“The deployment of encryption is a well-recognised strategy to mitigate the risk of data breaches and cyber-attacks as well as protect an organisation’s brand, reputation and credibility.”

Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
One Identity named Leader in PAM and IAM by KuppingerCole
KuppingerCole lead analyst Anmol Singh evaluated the strengths and weaknesses of 20 solution providers in the PAM market for the report.
Healthcare environments difficult to secure - Forescout
The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks.