The UK lags the US in prioritising cyber security according to a BT survey.

  • 17% of UK business leaders see cyber security as a major priority
  • 41% in the US business leaders see cyber security as a major priority
  • 21% respondents in the UK are able to measure the return on investment (ROI) of their cyber security measures
  • 90% US companies can measure their ROI on their cyber security measures
  • 86% of US directors and senior decision makers are given IT security training
  • 37% of UK directors and senior decision makers are given IT security training

The percentage of IT decision-makers stated that their boards underestimate the importance of cyber security:-

  • 55% of UK boards underestimate the importance of cyber security
  • 58% of IT decision-makers globally stated that their boards underestimate the importance of cyber security
  • 74% of US boards underestimate the importance of cyber security

The difference in levels of preparedness correlates with attitudes to threats.

The difference in levels of preparedness correlates with attitudes to threats. Non-malicious insider threats (e.g. accidental loss of data) are currently the most commonly cited security concern globally, being reported as a serious threat by 65 per cent of IT decision makers

In the UK this falls to 60 per cent followed by:-

  • 51% malicious insider threats
  • 37% hacktivism
  • 32% organised crime
  • 15% nation states
  • 12% terrorism

In the US the proportion of IT decision makers who see non-malicious insider threats as a severe threat increases to 85% and is followed by

  • 79% malicious insider threats
  • 77% hacktivism
  • 75% organised crime
  • 72% terrorism
  • 70% nation states

Globally the respondents believe the following will pose a greater threat:-

  • 54% hacktivism
  • 53% malicious insider threats

In the US they believe:-

  • 73% hacktivism
  • 74% malicious insider threats

In the UK:-

  • 29% hacktivism
  • 23% malicious insider threats

Emerging threats:-

  • 75% of IT decision makers globally say they would like to overhaul their infrastructure and design them with security features from the ground up
  • 74% would like to train all staff in cyber security best practice
  • 54% say they would like to engage an external vendor to monitor the system and prevent attacks.

BT Article