BY Richard Summerfield
Despite recent growth in the number of recorded data breaches, senior management at a number of UK companies believe that their cyber security provisions are above average – a sign that some UK firms may be overconfident in their defences, according to the ‘United Kingdom – Views from the C-Suite Survey 2018’ report released by FICO.
Executives at three out of four UK firms believe that their company is better prepared than its competitors. Among UK industries, financial services firms were the most confident of all, with 55 percent of respondents saying their organisation is a top performer, and 41 believe that their defences are above average. Forty-two percent of telecommunications providers believe that their firm is a top performer. The least confident executives were in the retail and e-commerce sectors, with 38 percent of respondents saying that their firm is a top performer, and only 19 percent rating it as above average.
This overconfidence among UK executives is particularly jarring as only 36 percent of organisations are carrying out regular cyber security risk assessments.
“These numbers suggest that many firms just don’t understand how they compare to their competitors, and that could lead to a lack of investment,” said Steve Hadaway, FICO’s general manager for Europe, the Middle East and Africa.
The UK is not alone in its overconfidence, however. Firms from all eight jurisdictions surveyed, including the US, believe they are well placed to resist a cyber attack. Canadians were more likely to rate their firm a top performer for cyber security.
Ovum conducted the survey for FICO through telephone interviews with 500 senior executives, mostly from the IT function, in businesses from the UK, the US, Canada, Brazil, Mexico, Germany, India, Finland, Norway, Sweden and South Africa. Respondents represented firms in the financial services, telecommunications, retail and e-commerce and power and utilities sectors.
“IT leaders have greater funding than ever to protect organisations from the continuously evolving threat landscape and meet complex compliance demands,” said Maxine Holt, research director at Ovum. “These same IT leaders are undoubtedly keen to believe that the money being spent provides their organisation with a better security posture than any other – but the rapid pace of investment, often in point solutions, rarely takes an organisation-wide view of security.”