Time to get real on Cyber-Security

10 March 2016

New report reveals companies need to do more to protect themselves from cyber-attacks


Businesss are not taking cyber-security seriously enough, according to a new report.

The study, Cyber Security: Underpinning the Digital Economy, recently released by the Institute of Directors (IoD) and Barclays, also reveals widespread under-reporting of cyber-attacks, with under a third actually reported to the police.

Companies were keeping quiet even though half of the attacks resulted in an interruption of business operations, with over seven in 10 firms admitting they had been sent bogus invoices over email.

The survey of nearly 1,000 IoD members demonstrates a huge gap between awareness of the risks of cyber-attacks and actually being prepared to deal with them. A staggering nine in 10 business leaders said that they considered cyber-security as important, but only around half actually had a formal strategy in place to protect themselves. Just 20% held insurance against an attack.

Nearly seven in 10 IoD members had never heard of Action Fraud Aware, the UK’s national reporting centre for fraud and internet crime, which suggests that official efforts to tackle cyber-crime aren’t getting through to many businesses.

The IoD predicts that the growing threat of breaches will create a ‘cyber paradox’, meaning that although business will increasingly take place online, firms will no longer feel confident in the encryption protecting sensitive information when it is transferred. This could lead to companies resorting to old-fashioned methods for sending important data.

The author of the report, Professor Richard Benham, says that companies need to get real about the financial and reputational damage cyber-crime can inflict. He believes that while spate of recent high-profile attacks have worried employers of all sizes, they still aren’t doing enough to protect themselves. He stresses that it is vital to turn this awareness into action. Customers and partners expect the businesses they deal with to get it right.

“As attacks become more prevalent and increasingly sophisticated, businesses need to defend themselves, know how to limit damage, and be ready to respond quickly and comprehensively when the inevitable happens,” he said.

“No shop-owner would think twice about phoning the police if they were broken into, yet for some reason, businesses don’t seem to think a cyber breach warrants the same response.

“Our report shows that cyber must stop being treated as the domain of the IT department and should be a boardroom priority. Businesses need to develop a cyber security policy, educate their staff, review supplier contracts and think about cyber insurance.”

Amethyst’s expertise and comprehensive range of risk management services help you identify and understand risk so it can then be reduced and successfully managed.

To find out how Amethyst can help your business, contact sales@amethystrisk.com

For further information on Cyber Security: Underpinning the Digital Economy visit:





Contact us for more information

<< Back to Latest News items