Over a third of those who work in the IT security industry fear that leaving the EU would make the UK more vulnerable to cyber attacks because they would no longer benefit from intelligence sharing with other EU states, according to new research.
The study, conducted by AlienVault, surveyed the attitudes of around 300 IT security professionals at the Infosecurity Europe conference, also found that over half of respondents (52%) believe that UK organizations would still have to comply with EU legislation in order to trade with Europe, even if Britain leaves the EU.
Furthermore, the vast majority (78%) of those surveyed do not believe that their jobs would be made any easier by Britain leaving the EU. In fact, a significant proportion (22 percent) actively support EU legislation around data protection and believe that it benefits them and their work.
Javvad Malik, security advocate at AlienVault, comments: “In advance of the EU referendum taking place tomorrow, the IT security industry seems to be siding with the ‘remain’ camp. Rather than offering an escape from the EU’s red tape, most people believe that they would still have to negotiate their way through complex legislation such as GDPR even if Britain does leave the EU. But what’s more, a significant proportion of those surveyed believe that being part of the EU actually benefits them and their work.
“This is especially true of the industry’s attitudes towards intelligence sharing between EU states. Cyber attackers pay no attention to geographical boundaries, transcending borders and jurisdictions to maximize malicious effect. The truth is that we can provide a stronger and more robust defense against emerging threats by working together and sharing information.”
Impact of GDPR
Probably due to the need to still comply with EU laws, regardless of whether or not the UK remains in the Union, the majority of respondents (66%) thought that the customer data held by their organizations would not be affected if Britain leaves the EU. But a quarter of those surveyed (25%) worry that the corporate data held by their organizations would be less secure in the event of a ‘Brexit’, and 22%felt the same about the customer data held by their organizations.
As Javvad Malik observes: “The GDPR is due to come into force in 2018 and has the potential to significantly alter the way businesses handle data. At over 200 pages long, the regulation is possibly the most wide-ranging piece of legislation ever passed. But many Infosec professionals seem to view the legislation in a positive light, believing that stipulations such as ‘data protection by design’ will make the data held by their organizations more secure.”