Targeted attack mitigation
The UK is ahead in all categories of preparedness, and especially in terms of penetration testing, which British companies are 22 per cent more likely to utilise than the European average. Tarzey suggested that "this explains why, although UK organisations are as likely, if not more likely to be targeted, those attacks are less likely to be successful and data is less likely to be stolen".
The Trend Micro veep suggested that cyber fire drills could be a simple add-on to the existing preparedness actions, combining several of the other tests, and is evidently a powerful, if under-utilised tool, which would provide ongoing training.
"While UK businesses increasingly recognise the reality, scale and impact of targeted attack," stated Ferguon, "the initial data reveals that much more can and should be done in testing their readiness to deal with them."
"A large number of businesses report having training and penetration testing measures in place, but relatively few are conducting cyber-readiness tests, or fire drills. Raising user awareness and probing your systems are both crucial components, but they cannot be fully tested unless brought together in a live-fire exercise involving your employees."
Tarzey said: "Initial analysis of the new data suggests UK organisations are better prepared. However, much more could be done by most UK organisations to prevent attacks and deal with the aftermath when some are inevitably successful."
Quocirca is continuing to analyse the data it has gathered from the 500 respondents, 100 each in the UK, Spain, Italy, Germany and France. The final version of its research on the cybercrime scene in 2015 will be published no later than the end of October. ®