Cybercrime in the UK has jumped 20% since 2014 with nearly two-thirds of businesses expressing no confidence in the ability of law enforcement to deal with it, according to PwC
The consultancy released the figures as part of its Global Economic Crime Survey 2016 today.
It revealed that cybercrime is now the fastest growing type of economic crime in the UK, accounting for 44% over the past 24 months.
It’s also significantly higher than the global figure of 32%.
Things are only set to get worse, with half (51%) of respondents claiming they expect to be hit with a successful cyber-attack over the next two years.
What’s more, a third of businesses (30%) polled said they still don’t have a cyber response plan in place.
“The threat of cybercrime is now a board level risk issue, but not enough UK companies treat it that way,” argued PwC forensics leader, John Tracey.
“Business needs to minimize the opportunities for economic crime through rigorous fraud risk assessment, supported by a culture based on shared corporate values and robust policies and compliance programs.”
Rob Lay, Customer Solutions Architect at Fujitsu UK&Ireland, argued that malicious attacks often come from within the organization.
“To reduce the impact of malicious insider attacks, businesses can implement access-based controls to regulate what data can be seen by whom. This way, they can monitor who is trying to access data that isn’t relevant to them, highlighting their potentially malicious intentions,” he added.
“Organizations should also look to encrypt their data where possible and perform regular vulnerability scans of their internal network to understand what vulnerabilities exist and could therefore be exploited by a malicious insider.”
Yaroslav Rosomakho, Channel Solutions Manager at Arbor Networks, argued that the 20% figure is probably underestimating the level of cyber threats facing UK firms.
“We are more connected and reliant on technology than ever before, and as a result, the number of routes for an attack is increasing exponentially. In this new landscape, it’s clear that companies must do more as attackers continue to evolve,” he added.
“What’s becoming essential, especially for larger organizations and high-value targets, is having the ability to detect and contain threats quickly – even when they make it past the perimeter defenses. This isn’t all about technology – although having the right tools helps – people and process are key in this.”