Good Cyber Security Starts in the Boardroom but Only Half of Business Leaders Are Ready for Cyber Security Threats
New survey by Esme Learning highlights that strengthening cybersecurity is seen as a key strategy to boost business profitability
95% of business leaders clearly recognise the threats from cyber-attacks, and the need for cyber security training, but fewer than 40% think current educational offerings are sufficient
Only 26% have a dedicated team and a robust cybersecurity plan
The UK’s vulnerability to cybersecurity attacks has again come under the spotlight, with only half of business leaders ready and prepared to counter digital threats they’re currently facing – or are likely to confront in the future. This is despite the fact that over half (52%) link strong cybersecurity capabilities to increased profitability.
Lockdown measures that forced the majority of businesses worldwide to work remotely in response to COVID-19 have raised a number of cybersecurity concerns and issues. The number of attacks against organisations grew to reach a four-month high at the end April resulting in the NCSC and CISA issuing an advisory about cybercriminals exploiting COVID-19 on April 8th 2020.
Prior to the pandemic, the World Economic Forum (WEF), identified cyber-attacks as the most concerning technological risk, and the last EY CEO Imperative Study revealed that cybersecurity is the No. 1 global concern for CEOs. Furthermore according to the (WEF), hacking and phishing attacks are likely to become the new norm for many companies, even as the virus infection rate begins to recede.
A worrying key finding of the survey of over 750 business leaders conducted by online pioneer Esme Learning Solutions, who is collaborating with Saïd Business School in the development of the Oxford Cyber Futures programme, was that although businesses have woken up to the threat of poor cyber security practices, they are not yet walking the walk.
Other insights include:
- cyber security as a top priority – three quarters (75%) see cyber security as both a central priority for their organisation and a high priority in relation to other business priorities (72%)
- missed business opportunities – while over half (52%) link strong cyber security capabilities to profitability, only 36% believe they are equipped to capitalise on new cyber opportunities
- prioritise training – while the vast majority (95%) want the latest in cyber security training only 39% think the current offerings meet their needs.
“With cyber security breaches already costing mid-market businesses more than £30bn a year, it’s encouraging to see it become a top priority for business leaders,” said David Shrier, Managing Director of Esme Learning Solutions. “But worryingly, there appears to be a substantial disconnect between their views and what’s actually taking place in their businesses every day.”
“The missing link in all this is education – a lack of training is costing companies money and putting their businesses at risk. There is a dearth of high-quality, accessible training and development available to this sector – something that Esme Learning is keen to address through a range of fully online courses, in partnership with top tier higher education institutions.”
“Cyber security has never been more important for business, especially as we emerge from global lockdown to a world where business and commerce are shifting online at a pace. With this shift to a digital-first approach come new risks and new opportunities for forward-thinking business leaders.
It’s extremely worrying that fewer than half of them feel equipped to deal with threats and even more concerning is the potential for growth that is being missed.”
“There is good news in that businesses and their people have woken up to cyber security, however, they need to actually support their words with real action. Currently, cyber threats are seen as just as IT’s problem, rather than a business-wide issue and responsibility, despite the risks and opportunities it presents.”