Although we all like to think our workplaces are safe, our cybersecurity is often at risk. In fact, security firm Barracuda Networks has found that 98% of UK organizations experienced some form of a security incident in the last 12 months.
As part of The State of Industrial Security in 2022 report, the firm spoke to 800 senior IT managers, senior IT security managers, and project managers in the UK. While the positions and the specific security roles varied, it was clear that all staff are facing challenges.
Many know that cyber threats are commonplace for organizations, plus recovering from an incident is half of the battle of cybersecurity. However, the report found that some attacks are having a substantial impact on the productivity and subsequent success of the workforce.
The impact of cyber breaches
9% of respondents told Barracuda that the worst breach they suffered in the last 12 months had a “significant” impact on their organization. In the context of this study, this means staff had to instigate a complete shutdown of all devices or locations.
Larger numbers faced moderate incidents (39%) where a large number of devices has issues. An additional 50% said they had witnessed minimal impact, as only a dew devices or one location were at risk.
45% of those surveyed said that web application incidents had occurred in the last 12 months at least once. On top of that 29% saw a breach from malicious external hardware.
Problems didn’t end there with denial-of-service (DDoS) attacks being felt by 36% of respondents and 29% noted they had faced a compromised supply chain.
The downtime of the reported incidents lasted from a few hours to a few days. 42% of organizations stated that their worst security incident affected operations for two days.
On the back of this large impact time, 99% of IT leaders in the UK are concerned about the current cybersecurity landscape.
Speaking about the issues in the report, Tim Jefferson, SVP of engineering for data, networks, and application security at Barracuda, said: “In the current threat landscape, critical infrastructure is an attractive target for cybercriminals, but unfortunately IIoT/OT [industrial internet of things/operational technology] security projects often take a backseat to other security initiatives or fail due to cost or complexity, leaving organizations at risk,”
“Issues such as the lack of network segmentation and the number of organizations that aren’t requiring multi-factor authentication leave networks open to attack and require immediate attention.”
While multifactor authentication tools may annoy staff, it is vital that incidents that damage the business are avoided and that hardware remains compliant.
Otherwise, working days are lost and data is at risk.