Insufficient cybersecurity investments top concern for British authorities

The study, based on feedback from British independent cyber security consultants, also highlights that too many vulnerabilities are still down to poor practice including weak passwords. Study’s results have shown that training and skills (43%) as well as lack of end-to-end cyber security expertise (36%) remain the biggest cyber challenges facing UK business.

Additional findings include 93% of cyber-consultants believe there is insufficient investment in cyber security and they expect to see Ransomware (40%) and Identity Harvesting (33%) become more prominent in the next 2-3 years, with Cloud Services and Connected Devices (IoT) being the sectors most frequently targeted.

Cyber-investment is being pushed by ‘threat’ (93%), with negative media coverage of breaches (40%) and lack of skilled resource (33%) driving more cyber-outsourcing than actual attacks.

The majority (43%) felt there was not enough regulation in the industry and that more protection was needed for consumers and for businesses. The new EU GDPR regulation, which comes into effect from 25th May 2018, is considered long overdue by some consultants. However, many businesses, especially SME’s are not prepared for this regulatory change.