Businesses ‘still feel vulnerable’ to threats, despite efforts to boost security

Kirill_Savenko via iStock

The majority of businesses are concerned that they will become the target of a cyberattack in the near future, despite implementing new technologies and standards to reduce their risk of falling victim.

This is the finding of a new study by IT Governance, which noted that the number of reported data breaches in 2017 grew by a quarter (25 per cent) compared with the previous year. This is therefore making cybersecurity a top priority for businesses around the world.

One technique that can assist with this is the implementation of an ISO 27001-compliant information security management system, which IT Governance stated is a key best practice for helping businesses manage and improve their data security.

The organisation found that two-thirds of businesses believe putting such a solution in place will benefit their overall security posture, while the vast majority (89 per cent) agree that improved information security will be the single biggest benefit of an ISO 27001-compliant system.

This tool can also help businesses meet their regulatory requirements. Nearly half of respondents to the study (43 per cent) stated they would be implementing an ISO 27001 system in order to help them maintain compliance with the EU's General Data Protection Regulation, which came into effect earlier this year, and imposes much tougher data privacy and security standards on any businesses that hold the personal information of EU citizens.

Meanwhile, nearly six out of ten respondents (57 per cent) agreed that having an information security management system that meets ISO 27001 standards will give them a competitive advantage.

However, despite these benefits, many businesses still worry about the risk of falling victim to a data breach. Some 60 per cent of organisations that have implemented these security standards believe they are still likely to be targeted by attackers.

Alan Calder, founder and executive chairman of IT Governance, said: "Unfortunately, as long as cybercrime remains a lucrative trade, risks will continue to escalate, and attackers will continue to proliferate. To counter this, organisations need to be fully prepared."