Riverbank IT Management announces the results of their first annual
cyber-security survey of UK companies
By: Claire Vickery, Head of Marketing at Riverbank IT Management
The annual cyber-security survey
In a recent, independent and anonymous online survey, Riverbank IT Management asked questions
of IT Decision Makers in the UK concerning the topic of cyber-security.
The results revealed that there is a great deal of uncertainty; primarily about responsibility,
readiness and appropriate preventative measures. However, what was believed overwhelmingly,
was the inevitability of a cyber-attack; with more than half of those surveyed believing that UK
companies stand an 11-49% chance of suffering an attempt within a year.
The consequences of an attack produced some interesting insight, with over 50% listing a hacker
accessing their clients’ data as the worst fear and more than 60% feeling that the costs associated
to a breach would be the worst fall-out of a security attack.
Riverbank IT Management is here to help make your life easier by taking your IT challenges and
making them our own. From our offices in Oxford and London, we provide first-class IT support to
growing businesses. Our response and resolution rates* are all down to a team of account managers
and technical experts, solving your IT problems so you can get on with doing what you do best.
*99.5% of service tickets met response SLA, 98.7% of service tickets met resolution SLA.
Riverbank Managed Security
Unfortunately, the days of relying on just anti-virus is out.
Multi-layered security is in.
Today’s threats require a policy approach utilising a multi-layered, multi-vendor set of solutions with
user training front and centre. Sticking a firewall on your network perimeter and anti-virus on your
desktop was a solution for pre-cloud environments – the attack surface is now bigger.
Security risks now extend outside of your network to Office 365, Salesforce, Citrix and Dropbox to
name just a few.
Cyber threats are not going away. Ever. The risk to your business data – including sensitive client
information – can be catastrophic. The sophistication and rapid change of attacks from phishing,
ransomware, bots and other techniques means you need a coherent, integrated and pro-active set
of tools and policies to counter the threats.
Riverbank IT Management has brought together a comprehensive suite of products called Riverbank
SecurePC and overlaid it with our expertise in the field to deliver you peace of mind. Each set of
tools is a layer in this defence and is under constant review to ensure the vendors we use are the
Full survey results
Half of the survey respondents believe the Head of IT / CIO is ultimately responsible for their organisation’s cyber-security. In a recent article, Riverbank’s MD, Dr. Malcolm Newdick wrote an
article about The Ever Changing Role of the CIO, exploring how the CIO is no longer just the IT guru
who delivers the complicated stuff. Now the CIO carries the can for their enterprise’s security – a
major additional responsibility.
Interestingly, others surveyed believed the buck stops with the MD/CEO; COO, Office Manager or
even themselves. Which begs the question: is it the responsibility falling between the gaps?
With more than 20% of responses suggesting that it’s unclear whose responsibility cyber-security is,
it’s certainly a significant issue.
A whopping 72% think that UK companies don’t believe it will happen to them and yet (here comes
the scary bit), 90% of those surveyed feel UK companies will suffer an attempt within the coming
Almost 40% of those surveyed felt that business don’t know who to go to get help: a critical part of
getting a data breach plan in place. And the time to act is unequivocally now.
This requires going to a specialist cyber-security company, such as Riverbank, that can impartially
evaluate a business’s current hardware, software and staff training plan, and work in partnership to
build a responsive, pro-active and forward-thinking strategy.
Our next question focused on the weight of importance regarding hardware and software versus
fully training staff against risky online behaviour. More than half agreed it should be an even split
with the next biggest response thinking it’s all about the kit.
In a further article, Why Are So Many Business Still Unprepared for Cyber-Attacks, Riverbank’s Dr.
Newdick contends that the number 1 factor is in fact people. He advises that companies should,
“…be very careful in your recruitment; get references and conduct background checks.” Newdick
also advises, “…user education: just like sexual health, education prevents infection!”
He then goes on to recognise the importance of systems and processes, strong IT, multi-layered
security and ongoing testing in the blog.
We went on to ask about the biggest impact if the worst happened both in the moment and after
the attack is contained.
The majority of those surveyed believed the worst consequence would be a hacker accessing their
clients’ data and that, once the dust settled, negative public relations and the costs associated with
the cyber-attack would be the worst fall-out of the breach.
So, what’s everyone doing about it? Well, that depends which company you work for. We asked, how prepared against a cyber-attack they believed their company was and got varying responses:
A strong 24% consider they have security products and trained staff in place which is great news.
More worryingly, the other three-quarters have a piece-meal approach and 6% have no products nor
training in place.
In a similar question, we also asked how prepared against a cyber-attack they considered their
company to be. More than 36% felt they fell short of the mark.
But what if the worst happened, we asked, what have you got prepared? Disturbingly, only 30% have a plan in place.
Half the respondents have some strategies in place but almost 21% have nothing prepared. A solid
data breach plan is essential to minimise the impact on your own business and the potentially
catastrophic knock-on effect to your clients.
So, what are the UK business doing to shoulder a security breach?
A confident 32% tell us they’re all over it. Top of the class.
Meanwhile, looking uncomfortable at the back of the room are the near half respondents who know
they need to produce a complete data breach response plan and a further 25% who need to pick up
the phone to an outsourced cyber security specialist company.