The government’s efforts to help business tackle cyber threats face an uphill struggle, new figures suggest, despite almost half being hit by a breach or attack in the past year.
Just a fraction of companies are turning to guidance from the government or police in their bids to tackle cyber security, despite huge efforts and billions of pounds being ploughed into building Britain’s cyber defences.
Awareness about government initiatives remains relatively low, according to its own annual cyber survey, and approaching authorities was found to be “uncommon”.
It found that just over half of businesses have sought out any information, advice or guidance on cyber threats from any source. And of those, only four per cent referred to government sources of information, with the majority (32 per cent) turning to external security or IT consultants and 10 per cent just searching online.
And big businesses were even less likely to have sought out information than they were a year ago.
The Cyber Security Breach Survey found that only around half of firms have enacted the basic controls outlined in the Cyber Essentials scheme, one of the long-standing pillars of the government’s cyber strategy.
The majority of firms still don’t have segregated wireless networks or rules around encryption of personal data, while 80 per cent of staff have still not attended any cyber security training and just one in 10 have a cyber security incident management plan.
The report, from Ipsos Mori on behalf of the government, noted the survey came before the opening of the National Cyber Security Centre (NCSC) in February and shortly after the launch of the National Cyber Security Strategy in October.
The centre, and offshoot of GCHQ, is designed to foster greater collaboration between the security services and wider industry to tackle threats to businesses and critical national infrastructure. The official ribbon-cutting took place in February, however, the London site has been operational since October.
A government spokesperson said the centre was opened after the data was collected. “We have also recently launched a new marketing campaign to increase uptake of our Cyber Essentials scheme which is helping businesses protect themselves from the most common threats,” they added.
Former chancellor George Osborne promised to plough nearly £2bn into tackling cybercrime over five years back in 2015, with the centre a part of that. GCHQ has also tapped cyber startups to help tackle the problems facing business.
However, the latest figures shine a light on just how big a task it faces trying to get businesses to take basic security precautions. Survey after survey reveals they are failing to tackle the problem despite it commonly being identified as a top priority and one of the biggest risks.
Ian Dyson, the top boss of the City of London police, the force which tackles major fraud and financial crime including that which takes place online, last week warned that businesses area leaving cybercrime unreported.