Executives 'in denial' about cyber security threat

Alan Burkitt-Gray
Published on:

A new report from BT and KPMG says businesses are in denial or have false confidence about threats

Businesses are in danger of falling into dangerous traps as they deal with the complexity of securing a digital enterprise, says BT in a new report.

These include being stuck in ‘Denial’ and ‘Worry’ phases at one end of the spectrum, and ‘False Confidence’ and ‘Hard Lessons’ at the other end, says BT, in a report that is co-authored with consultancy KPMG.

The report comes in the wake of high-profile global ransomware attacks such as WannaCry and Petya, and it offers practical advice to businesses of all sizes on how best to manage their security journey and turn it into a business opportunity.

“The global scale of the recent ransomware attacks showed the astonishing speed at which even the most unsophisticated of attacks can spread around the world,” said Mark Hughes, CEO of BT Security, who leads 3,000 people in the company looking after the company’s physical and network security and selling its skills to other companies.

“Many organisations could have avoided these attacks by maintaining better standards of cyber hygiene and getting the basics right,” said Hughes. “These global incidents remind us that every business today – from the smallest sole trader through to SMEs and large multinational corporations – needs to get to grips with managing the security of their IT estate, as well as their people and processes. This report aims to help secure the digital enterprise by navigating businesses through their cyber security journey.”

David Ferbrache, technical director in KPMG’s cyber security practice, said: “The business community needs to avoid knee-jerk reactions as cyber security is a journey – not a one size fits all issue – and getting the basics like patching and back-ups right matters. It’s important to build a security culture, raise awareness amongst staff, and remember that security needs to enable business, not prevent it.”

The new report, “The cyber security journey – from denial to opportunity”, is published today.