UK public sector: cyberattack is “a matter of time”


Sixty percent of UK public sector IT leaders say a successful cyberattack is “only a matter of time”.

That’s according to research from Trend Micro, which surveyed 250 IT public sector leaders with cybersecurity responsibilities.

IT leaders view phishing as the most significant threat over the next two years (60 percent), followed by ransomware (41 percent).  

The data shows that many organisations still operate reactively, with nearly a third (31 percent) of respondents acknowledging that a lack of proactive threat hunting and risk management leaves them exposed. If breached, 24 percent admit it would take them between 1 and 3 days to successfully identify a ransomware attack, with the average response time being 1 day and 6 hours. These findings highlight a broad issue: cyber defence is often treated as a response function.

Almost half (49 percent) say they are so overwhelmed with managing immediate cybersecurity threats and challenges that they don’t have enough time to spend on building a strategic plan for cyber.  

The absence of a strategic, cybersecurity-first culture across the broader workforce, identified by 42 percent of respondents, is manifesting in behaviours that heighten everyday cyber risk. This includes employees intentionally bypassing security protocols even though they’ve had cyber training (47 percent), as well as human error (39 percent). This reveals a critical disconnect between security awareness and actual practice, suggesting that current training programmes may be viewed as a compliance exercise rather than a catalyst for better cyber governance, said Trend Micro.


“The public sector continues to be a prime target for threat actors, from exploiting weaknesses with NHS suppliers to steal patient data, to infiltrating The British Library to capture 600GB of data. We don’t know if the Government’s proposed ban on ransomware payments will curb such activity, and in the meantime, gangs have a steady supply of victims capable of paying up,” said Jonathan Lee, UK cybersecurity director, Trend Micro.

Public sector not backing up critical data

Separately, new data this week suggests that less than half of UK public sector organisations back up critical systems daily. This is despite more than 28,000 data breaches reported across NHS trusts, local councils, and educational institutions over the past three years, exposing personal, health, and financial data.

The findings come from Freedom of Information (FoI) data obtained by backup vendor Object First. A hundred and fifty organisations were approached, and the responses pointed to vulnerabilities in data backup, immutability, and Zero Trust security practices. Two NHS Trusts confirmed they were impacted by ransomware attacks.

In the past 36 months, 28,696 breaches were reported across the UK public sector. But only 47 percent of UK public sector organisations back up critical systems at least daily.

Moreover, only half of the organisations surveyed confirmed that they have an incident response plan in place – despite the UK’s Information Commissioner’s Office guidance to have one alongside regular testing.


