igor - Fotolia

UK security spend low despite breaches

The UK is the most breached country in Europe, but IT security spend remains low compared with other countries in the region, a report reveals

More than a third of UK businesses reported cyber attacks in the past year, which was higher than any other country in Europe, according to the European edition of the 2018 Thales data threat report.

However, despite a 24% increase in the number of attacks compared with the previous year, UK firms claimed to feel less vulnerable to data threats, compared with those across Germany, Sweden and the Netherlands, and consequently invested less in cyber security. 

While more organisations across Sweden (78%) and the Netherlands (74%) admitted to being breached in the past, compared with just 67% of organisations in the UK, the report said it was a different story in the past 12 months.  

Thales data shows that while 37% of businesses across the UK were breached, the figures were lower for Germany (33%), Sweden (30%) and the Netherlands (27%).

Despite the rise in attacks, just 31% of UK organisations said they feel “very” or “extremely” vulnerable to data threats, leaving the majority (69%) feeling “somewhat” or “not at all” vulnerable. Businesses across Sweden claimed to feel the most vulnerable (49%), followed by the Netherlands (47%) and Germany (36%).

Although 69% of UK organisations reported an overall increase in their IT security spending, with 15% saying it was much higher’ than the previous year, the report said the increase is still less than spend in Sweden, where 75% of businesses have upped their budgets to offset threats, and Germany where 76% have increased their IT security budgets.

While 72% of organisations polled have dedicated more money to IT security, UK businesses appeared to still fall short compared with their European counterparts, with 39% of Swedish respondents saying their budget was “much higher” than the previous year and an additional 36% claiming it was ‘somewhat higher’,  and spending said to be “a lot more” by 29% of firms in  the Netherlands and 24% in France.

Read more about encryption

The report also reveals that despite the two-year bedding in period allowed for compliance with the EU’s General Data Protection Regulation (GDPR), 49% of companies in Sweden failed data security audits in the past year, followed by the Netherlands (38%), Germany (33%) and the UK (19%).

Aside from the UK, all other European countries showed decline in their efforts to meet compliance, which the report said was “worrying” in the light of the fact that there are so many changes to standards and regulations. Despite this drop, respondents across the board all cited compliance as being effective when it comes to preventing data breaches.

Peter Galvin, chief strategy officer at Thales eSecurity said that as a result of a “tidal wave of data breaches” across Europe that has seen 75% of organisations become a victim of cyber crime, people are feeling more vulnerable than ever before.

“To stand the best chance of success against these advanced attacks, businesses need to dedicate the appropriate level of attention, budget and resource into safeguarding their sensitive data, wherever it happens to be created, shared or stored. 

“The deployment of encryption is a well-recognised strategy to mitigate the risk of data breaches and cyber attacks as well as protect an organisation’s brand, reputation and credibility,” he said.

Read more on Hackers and cybercrime prevention