Only 33% of retail executives believe their staff take cyber security seriously, report suggests

The government’s Cyber Security Breaches Survey: 2017, released on April 19, demonstrates UK business’ soft underbelly when it comes to cyber-attack vulnerability, according to industry commentators.

The report reveals that only 33% of retail executives think their core staff take cyber security seriously in their day-to-day work. Across other business sectors, this figure stands at over three quarters (76%).

A headlong leap into poorly-defined Internet of Things (IoT) projects and Bring Your Own Device (BYOD) working practices may be putting more firms in danger of an attack, according to systems integrator World Wide Technology. The report shows that 46% of UK businesses are exposed to the security risks of BYOD, rising to 57% in web-orientated firms. World Wide Technology adds that after a 12 month period that saw a range of high-profile victims, including Amazon Web Services and Samsung, retailers need to adapt to the new security demands of an increasingly connected world.

World Wide Technology security solutions vice president Mike McGlynn commented: “The range of devices being exposed to the internet are usually not known for having mature security software, and are often in a vulnerable state. Even their manufacturers may not be in a position to regularly patch software in order to protect against online threats, let alone the enterprises that adopt these devices.

“The device management task involved in some IoT projects is on a scale unlike anything most retailers’ networks have tackled so far.”

He added: “Currently, most device management applications are designed for tablets and smartphones which have much more predictable behaviour. They now suddenly have to deal with the number and variety of devices being connected: a smart building initiative, which uses sensors in one fixed location, creates a very different security challenge than a global supply chain project.

“Bring Your Own Device has certainly proved a challenge for many organisations, but the predicted explosion of connected devices – to reach 20.8 billion globally by 2020 – means that retail businesses must take a holistic approach to cybersecurity which prepares them to resist attacks at the endpoint, network, cloud, and application layers.”