Nearly two-thirds (36%) of IT leaders are not disclosing breaches for fear that they may lose their job, complicating efforts to enhance security, according to new research.
Keeper Security polled 1000 UK IT decision-makers at businesses of between 100 and 5000 employees to compile its 2021 Cybersecurity Census Report.
It revealed that security breaches are widespread: 92% of respondents said their organization suffered one in the past year and over three-quarters (78%) feel unprepared to deal with cyber-threats.
The financial fallout of successful attacks is also significant, costing nearly one in 10 businesses over £1 million.
Worryingly, many IT leaders appear to be keeping quiet about breaches rather than actively taking steps to tackle their causes.
Nearly all (92%) respondents said they’re aware of gaps in their defenses, but less than half (40%) are addressing all of them. A third (32%) even admitted to using weak credentials such as “password” or “admin” to protect data.
Training and skills appear to be key weaknesses: 58% of IT pros said employees don’t understand the consequences of poor cyber-hygiene, while even more (61%) complained of cyber skills shortages.
This matters increasingly in the context of a current working environment in which remote employees may be more exposed to threats.
Two-thirds (66%) of UK organizations said they’d relaxed their cybersecurity policies to support productivity over the past 12 months.
“UK businesses are clearly worried about their cybersecurity and the challenges are manifold, affecting everything from budgets to productivity,” said Darren Guccione, CEO and co-founder of Keeper Security.
“Companies are facing many competing challenges right now and, understandably, might not always make cybersecurity investments a priority. Our report is an urgent reminder for organizations to proactively address their cybersecurity challenges as a priority, since deferring them will make the consequences far more severe.”