Keeper Security: 2022 Cybersecurity Census Report Reveals Lack of Preparedness Against Rising Cyberattacks Amongst UK Businesses

Census Enrichment Integrates First-Party and Third-Party Data in the Data Warehouse for the First Time
  • Almost one in five (17%) UK businesses are subjected to approximately two cyberattacks every working day

  • 46% of IT leaders expect the total number of attacks and number of successful attacks to increase over the next year

  • The average financial disruption to businesses caused by cyberattacks is significant, at over £100,000

  • Over half (55%) of UK IT leaders have kept a cyberattack on their business a secret, an increase of 19% since 2021

Cyberattacks are hammering businesses of all sizes and sectors across the UK, with just a fraction of those prepared to defend against them, according to new research by Keeper Security. The 2022 Cybersecurity Census Report reveals that companies are suffering severe organisational, financial and reputational damage. Yet, despite IT leaders expecting this onslaught to intensify over the next year, preparation is lacking, with only a minority of organisations feeling ready to face the threats.

The report found that the average UK business experiences 44 cyberattacks per year—more than three every month—and almost one in five (17%) are subjected to over 501 attacks in a single year. This calculates to approximately two cyberattacks every working day. While only around two of those cyberattacks are successful each year, IT leaders fear the frequency of attacks will intensify, with 46% expecting both the total number of attacks and number of successful attacks to increase over the next year.

Marketing Technology News: MarTech Interview with Kevin Wang, SVP of Product at Braze

Cyberattacks are causing businesses significant harm

Successful cyberattacks have the potential to bring businesses of all sizes to a standstill. Alarmingly, just 26% of respondents consider their business very prepared to defend against them.

  • Over one third (35%) of victims of a cyberattack report disruption to trading, such as the ability to carry out business operations
  • Over one third (34%) experienced reputational damage due to an attack
  • 31% of both larger (over 1,000 employees) and smaller (fewer than 1,000 employees) businesses experienced theft of financial information from a successful cyberattack

More than a fifth (22%) of businesses experienced theft of money—with the financial disruption totalling more than £100,000 on average. Considering the current macroeconomic uncertainty in the UK, and the fact that the average UK SME makes just £11,000 in profits per year, such financial losses can be terminal.

Cybersecurity Investments and Tools

The rise of hybrid and remote work is widening the gap between what’s necessary to secure organisations and what’s available, with shortfalls in cybersecurity investment leaving businesses exposed.

Visibility of system users, password strength and permissions are baseline necessities regardless of business size or sector, yet IT leaders admit their tech stacks lack essential tools:

  • Over one-third of respondents (35%) lack a manager for IT secrets such as API keys, database passwords and credentials
  • Almost nine in ten (87%) highlight concerns about the dangers of hard-coded credentials—embedding authentication data such as user IDs and passwords directly into source code
  • 29% lack a connections manager to help manage remote access to privileged infrastructures

IT leaders acknowledge their current security measures have identifiable weak points, and passwords and credentials are particular areas that require urgent investment. Despite this, almost one-third (32%) state they leave it entirely to employees to set their own passwords, with access often shared as needed.

“The cybersecurity landscape is complex, with ever-changing risks and shifting priorities to manage. However, the research shows that organisations could and should be doing more,” said Darren Guccione, CEO & co-founder of Keeper Security. “While many organisations consider future investments, they face being outmatched by rising external threats and the demands created by existing weaknesses.”

Marketing Technology News: Finding the Communication Sweet Spot

Cybersecurity in Company Culture

Despite budgetary commitments and a prioritisation of cybersecurity from the C-suite, IT leaders themselves admit to a concerning lack of transparency in the reporting of cyberattacks. Over half (55%) state they have been aware of a cyberattack and not reported it to any relevant authority. In addition, 80% of IT professionals are concerned about a breach from within their own organisation. These figures should be a red flag to business leaders, as without a culture of trust, accountability, and responsiveness, cybercrime will thrive.

Guccione concludes: “Although there have been small steps from UK businesses in prioritising cybersecurity, clear gaps remain. The volume and pace at which threats are hitting businesses is increasing, and leadership cannot afford to wait. As we move forward, businesses and IT leaders must not only voice commitments to cybersecurity, but act on them. They need to acknowledge how our workplaces have evolved and respond to new ways of protecting their employees, their data, and their livelihoods.”

Picture of Business Wire

Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

You Might Also Like