Check your controls in wake of cyber attacks

23 May 2017

The recent global ransomware attacks have highlighted the importance of knowing what you, your administrators, IT services and other providers are doing to keep your information safe. is a website dedicated to providing information about cyber security. They have published SailPoint's 2017 market pulse survey which has revealed some unsettling data on the current status of cyber-security among UK businesses.

Key findings from the survey include:

  • As many as 3 in every 5 UK businesses fear they will be victims of data breach in the coming year

  • A third of all UK businesses won't even know they have been breached

  • As many as 67% of all British enterprises were breached last year

  • 33% of enterprises fear they won't even know that they have been breached

  • 71% of enterprises aren't sure how to manage and protect unstructured data

  • Only half of enterprises have formal usage policy to prevent data breach.

The situation is so grave that enterprises aren't wondering if they can be breached, but when they will be breached.

The survey suggests that the threat to UK businesses from cyber-attacks is much worse than previously believed. An earlier survey of 1,200 companies by the British Chambers of Commerce (BCC) found that almost 1 in 5 have been victims of cyber attacks in the past year. Companies with over 100 employees were found to be more likely to be targeted than smaller ones. 42 percent of medium to large-sized companies were affected as compared to 18 percent of micro- small enterprises.

Cyber Essentials accreditation programme

The government is offering an ambitious and helpful 'cyber essentials' accreditation programme for enterprises which aims to help companies strengthen their IT systems, implement the latest cyber security practices and effectively handle and protect customer data. To ensure more companies join the programme, the government has mandated that those without accreditation will not be able to bid for government contracts.

Employee cyber hygiene

As far as cyber hygiene of employees is concerned, there has been little improvement. A recent report from security firm Bomgar has revealed that:

  • As many as 69% of employees stay logged on to either their laptop or company accounts after work hours

  • 57% send work files to their personal e-mail accounts

  • 46% tell colleagues their passwords

  • 53% use unsecured Wi-Fi to access online data and in the UK

  • Only 44% of companies have reviewed their policies on third party access in the last two years.

On a positive note, the SailPoint survey shows that 87% of enterprises agree that it is important to have strong identity governance controls in place across their organisation’s entire IT infrastructure. Around 55% of enterprises have also confirmed that they will invest the maximum in identity governance in the next year.

For more information about protecting against cyber threats, read the government’s cyber essentials guidance and visit the National Cyber Security Centre’s website.