Research conducted by BSI, the business improvement company has revealed that one in six European organisations are unprepared for a data breach. The research carried out by the Cybersecurity and Information Resilience division of BSI for Cybersecurity Awareness month also highlighted that 39 per cent of organisations have experienced a data breach in the last 12 months.

Three key areas were highlighted within the research:

Counteracting the cyber threat

Preparation is vital when it comes to counteracting the cyber threat and awareness training and ongoing testing is crucial for organisations. While 73 per cent of organisations who responded to the BSI research said that they were concerned about cybersecurity and were seeking solutions, alarmingly one in six organisations highlighted that they had no plan in place. When asked if their organisation was undertaking cybersecurity testing, over a third stated that they weren’t, however, 59 per cent revealed that they were engaging in end-user security awareness programmes. 

Rise in data breaches and cyberattacks

The BSI research highlighted that data breaches have been experienced by 39 per cent of organisations. The global ISACA State of Cybersecurity 2018 Report* also revealed that 50 per cent have experienced an increase in the number of cyberattacks compared to last year.  Data processing has been a focus area this year with the introduction of the GDPR, with 45 per cent of organisations stating that they had a good understanding of their data landscape since it was implemented on 25 May. 68 per cent of the respondents, with the increased knowledge in place, had conducted a high-level IT risk assessment in their organisation, with one in five having a documented and tested Incident Response Plan (IRP) in place.

Pitfalls in migration of data

Cloud migration and cloud security has continued to grow and evolve this year however there are pitfalls to be aware of as part of an organization’s cloud migration journey. Shadow IT** remains a key concern for businesses with 68 per cent of respondents stating data loss is the main threat, followed by unauthorised applications (15 per cent) and unauthorised devices (9 per cent) as well as data residency (8 per cent). 45 per cent of organisations have engaged with additional security controls based on the requirements of their cloud systems.

Commenting on the research, Stephen O’Boyle, Global Head of Cybersecurity and Information Resilience Services at BSI, said: “Training and education is essential when it comes to achieving information resilience and it’s reassuring to see that organisations are actively implementing awareness programmes in the workplace. However, being proactive about cybersecurity is a company’s best defence and it is unfortunate to see that one in six organizations are unprepared for a breach and that over a third of companies aren’t’ partaking in cybersecurity testing within their organisation.”

“The increase in imminent malware threats, the importance of complying with new data protection regulations, the treatment of Shadow IT, and the advances in social engineering have been at the forefront this year. At BSI, we work with organisations to implement tailored plans that incorporate training at all levels of an organization, from senior executives to junior employees, as well as cybersecurity testing services to identify and address any weaknesses.  The cyber landscape is evolving, and organisations need to ensure that they are prepared so that they can remain resilient in protecting their information, people and reputation, both now and, in the future.” concluded Stephen.

BSI’s Cybersecurity and Information Resilience centre of excellence provides a range of solutions to help organisations address their information challenges covering cybersecurity, information management and privacy, security awareness, and compliance and testing. For more information visit bsigroup.com/cyber-uk