The recent ransomware attacks have once again exposed the crippling cybersecurity skill shortage that UK has been facing for a long time. According to the recent research by ISC squared, the global shortfall is expected to increase 20% to 1.8m by 2022 and more than two-thirds of UK businesses are struggling to find qualified security personnel to defend them against potential security threats
As per the survey of over 19,000 cybersecurity professionals conducted, 46% of the UK companies have reported that the widening skill gap is already having significant impact on their customers. The same proportion of the businesses are willing to increase their cybersecurity workforce by more than 16% over the next one year but are hampered by the shortage in the skill availability.
The report also suggests that many UK businesses are not yet wholly prepared for the EU General Data Protection Regulation (GDPR), which will impose a mandatory 48-hour window for disclosing data breaches from May 2018. 22% of UK respondents feel their companies will take more than eight days to repair the damage if there is security breach in their systems which is much longer than this proposed new window for publicly reporting breaches.
According to Cyber Security Breaches Survey 2017 commissioned by The Department for Culture, Media and Sport (DCMS) and National Cyber Security Center, almost half of UK firms were hit by cyber breach or attack in the past year and almost all UK businesses covered by the survey are exposed to cyber security risks. 74% of the respondents said that cybersecurity is a high priority on the corporate agenda of their senior management whereas 31% said it is a very high priority. Only 7% have reported of it being a very low priority which is mainly across the micro and small businesses.
The survey which is a part of the Government’s five-year National Cyber Security Strategy to transform this country’s cyber security and to protect the UK online reveals nearly seven in ten large businesses identified a breach or attack, with the average cost of all breaches ranging from £20,000 to millions. The businesses that held electronic personal data on customers were more likely to suffer cyber breaches than those that do not (51 per cent compared to 37 per cent).
All businesses which hold personal data will have to make sure they are compliant with the new General Data Protection Regulation (GDPR) legislation from May 2018. This will strengthen the right to data protection, which is a fundamental right, and allow individuals to have trust when they give their personal data.
In our constant endeavor to keep our clients on top of the legislative changes, we will soon announce the date of an event on GDPR. Watch this space to know more.