UK companies are suffering more cyber security incidents than their global counterparts but are less nimble in detecting breaches, new research has found.
The latest Global State of Information Security (GISS) report by PwC found that almost 70% of UK firms experienced an incident in the last 12 months, compared to 59% globally.
Some of the north-east’s most important industries, including oil and gas firms, utility companies, financial services and manufacturers were those among the most vulnerable to attack, the report said.
Worryingly, over 22% of the UK companies surveyed say they did not detect any security incidents in the past year, compared with 16% globally and 18% in Europe. Almost 10% of UK businesses say they do not know how many security breaches they have had in the last 12 months.
The GISS survey of 9,805 executives from more than 154 countries, including over 475 from the UK, across all industries, outlines the challenges faced by companies in protecting their businesses and their assets from cyber security incidents.
Over a quarter of UK respondents say customer and employee records have been compromised; over 22% have suffered the theft of intellectual property; and 20% have suffered financial losses. In total, 70% of UK companies say they experienced some business down time as a result of security incidents this year. 59% experienced up to 24 hours of down time.
Colin Slater, Cyber Security partner at PwC Scotland, said: “Personal cloud and smart app hacking is hitting the headlines, but it could so easily be corporate intellectual property that is the target – businesses are not immune to this risk.
“Our survey results on how firms are responding to this issue confirm what we have been feeling and seeing across the Scottish and UK marketplace.
“While there is an increasing focus on state sponsored activities such as espionage, the more common garden threats are manifesting themselves across our oil & gas, utilities, financial services and manufacturing industries. These are vital cogs in the wheel of our growing Scottish economy – our bread and butter if you like – and they are not impervious.”
According to the report, the number of reported security incidents around the world rose 48% to 42.8million, the equivalent of 117,339 attacks per day in 2013.
While 55% of UK companies say they plan to spend more on security this year, compared with 42% last year, a further 33% of companies report their spending will stay the same.
The rest either plan to cut back on spend or don’t know what they will do.
UK respondents say the top three obstacles to improving security are: insufficient capital funding, a lack of leadership from the CEO or Board, and the lack of an effective information strategy. On a positive note, 42% of UK respondents say their boards are engaged with the overall security strategy, compared with 37% of US interviewees.