Only half of businesses are as secure as they should be

New research has uncovered a worrying lack of action when it comes to businesses tackling cyber threats.

A report by Tanium revealed that despite the fact that 99 per cent of UK business leaders say that making technology resilient to business disruptions such as cyber attacks should be an integral part of their firms wider business strategy, the reality is actually quite different.

Of the 1,000 UK business leaders surveyed by the company for the Resilience Gap study, only half (54%) claim their organisation is as resilient as it needs to be with 20 per cent admitting they would not be able to calculate the indirect costs from lost revenue and productivity following a cyber attack.

Tanium's study shed light on the fact that there are more barriers to achieving the resilience that UK businesses believe to be important. When it comes to the barriers holding them back, 38 per cent blame their organisation's complexity while 21 per cent blame siloed business units.

Looking to their teams and tools, over a third (35%) said that hackers being more sophisticated than their IT teams poses a real challenge, while one fifth (21%) claim that they don't have the skills needed within their organisation to accurately detect breaches in real-time and nearly a third (27%) claim that poor visibility of entry points is a barrier to resilience.

Responsibility for resilience

Managing Director of EMEA at Tanium, Matt Ellard provided further insight on the findings of the report, saying:

"The speed of digital transformation has led organisations to purchase multiple tools to solve IT security and operations challenges, which is leaving IT infrastructures vulnerable to threats. Business resilience is fundamental to any strategy for long-term growth, yet the findings suggest that many UK businesses still have a long way to go. Organisations need to build a strategy for business resilience, and that starts with ensuring they have real-time visibility of where threats exist across their network, most crucially at the endpoints. If you can't pinpoint current vulnerabilities or the origin of a threat, how can you expect to defend against them?"

Tanium's study also revealed alarming gaps in accountability and trust across organisations. Growing confusion internally on where the responsibility for resilience lies is one of the main reasons UK businesses are unable to achieve business resilience against disruptions such as cyber threats.

Of those surveyed, 28 per cent believe it should be the responsibility of the CIO or Head of IT while the same amount (28%) say that every employee should be held responsible. However, 13 per cent claim that responsibility lies with the CEO alone and 11 per cent claim it falls on the senior leadership / management.