Firms shun security as cyber risks soar

Road sign with words security versus risk. White two street signs with arrow on metal pole. Directional road, Crossroads Road Sign, Two Arrow. Blue sky background

Firms shun security as cyber risks soar

Reading Time: 2 minutes20th May 2021 | Modified: 19th December 2022

Categories: Tech News

Around half of the UK’s businesses had no security policies in place in 2020 – fewer than in 2019.


According to a report by the Department for Digital, Culture, Media and Sport (DCMS), the proportion of businesses and charities using security monitoring tools fell from 40 per cent in 2019 to 35 per cent in 2020.

At the same time, the number of organisations using up-to-date antivirus software dropped from 88 per cent to 83 per cent.

Only 52 per cent of businesses and 47 per cent of charities used one or more cyber security measure last year, such as conducting risk assessments and audits, penetration testing or investing in threat intelligence.

This decline in overall cyber resilience coincided with a steep rise in security risks due to the pandemic when phishing and ransomware attacks soared.

The DCMS also found 39 per cent of businesses and 26 per cent of charities reported security breaches or cyber-attacks during 2020, with factors like remote working making securing IT environments more challenging.

Updates difficult

Big organisations in particular found dealing with hardware and software changes more difficult than most because of the sudden surge in the number of endpoints they had to manage.

The Cyber Security Breaches Survey 2021 findings, issued by the DCMS, also show that cyber-attacks have evolved and become more frequent. Since 2017 there has been a rise in businesses experiencing phishing attacks, from 72 per cent to 86 per cent, but a fall in viruses or other malware from 33 per cent to 16 per cent.

Gary Jowett, from Computer & Network Consultants (CNC) in Brighton, said: “The lockdowns we’ve experienced were a recipe for disaster among businesses and charities, many of whom haven’t been prepared for the higher level of exposure to hackers that remote working brings – and the impact it has on maintaining corporate security policies and standards. That is why having robust training and security policies in place is vitally important. For small and medium sized businesses, who may be concentrating on sales and servicing, security may be best maintained if it’s supported by an independent third party who can ensure it isn’t neglected at the expense of other priorities.”

Newsletter Archives

Categorized as Tech News

By Gary

Gary has always focused on making sure the most appropriate solution is provided to help customers, not just what's new and shiny. With over 30 years in the IT industry Gary has the experience to tell the difference between something that's game-changing or is just a passing fad!