New research reveals cyber ignorance putting businesses at risk

BAE Systems has launched a new online cyber risk assessment tool in response to research that indicates weaknesses in UK businesses’ cyber security measures.

The tool will enable organisations to test the status of their cyber precautions against 10 key questions, based on 10 Steps to Cyber Security guidance from the UK government’s national technical authority for information assurance, the CESG.

The recent study, which surveyed UK business leaders on their cyber security preparedness in the event of a serious network breach, showed that one in five don’t know if their organisation has the right security controls in place. Many of those who are confident about their defences admit they have not had their incident response plans tested for at least six months.

One in Ten

The research highlighted that 79% of respondents believe that they have the appropriate security controls in place to defend against cyber attacks. And yet more than half (57%) of those surveyed said they had experienced a cyber attack in the past year – with the average cost being revealed as at least £330,000. For one in ten though, it can cost up to £1million.

For businesses, being cyber-ready has never been more important says BAE Systems. Julian Cracknell, Managing Director for UK Services, BAE’s Applied Intelligence division, said: “The research confirms that cyber security is no longer merely a technical issue, but a challenge for the board. Around a fifth of the businesses we talked to said they either didn’t know or weren’t confident that they could return to business as usual within 48 hours of a serious cyber attack.

“Businesses need to ensure they have the right people, process and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate. If action isn’t taken immediately, the price of cyber ignorance – for the company and the wider economy – could be severe.”

The online cyber risk tool will enable businesses to measure their cyber security preparedness across 10 key elements of information and communications technology security and can be found here: