Search Our Site

We have 3,726,621 registered online learners.
1,116 new learners so far today.

Are British businesses sufficiently prepared for the threat of cyber attacks?

schedule 4th September 2017 by Ben Piper in Virtual College Last updated on 24th April 2018

two business men talking on ipad

The rapid evolution of technology over the last few years means that more organisations than ever before are now reliant on digital data and sophisticated IT systems to aid the running of their day-to-day operations. Naturally, this has led to countless advantages - but it has also created numerous potential risks.

Among these, the most prominent danger is unquestionably the threat of cyber attacks and data breaches, with criminals developing ever more sophisticated tools for bringing down crucial systems and gaining access to confidential information. Falling victim to this kind of attack can result in significant disruption, financial losses and potentially irreparable reputational damage.

Of course, these facts are widely known by most British businesses - and yet, evidence continues to suggest that many companies are still falling short when it comes to protecting themselves against cyber attacks. With criminal activity on the rise, it is becoming increasingly vital that bosses take action now, or risk paying a high price.

Failing to back up intent with action

The scale of the current problem was recently highlighted by a UK government report that surveyed the UK's 350 biggest companies as part of a yearly cyber health check. Although 54 per cent recognised cyber threats as a leading business risk, 68 per cent of boards said they had not received any training on how to deal with a cyber incident.

Moreover, only 31 per cent of boards had received any comprehensive cyber risk information, while ten per cent are operating without any response plan for a cyber incident in place.

Charities just as vulnerable as businesses

The Department for Digital, Culture, Media and Sport pointed out that it is not just private sector businesses that are vulnerable to cyber attacks, as many charity organisations are also failing to take their data protection responsibilities seriously enough.

Many of the charity staff surveyed confessed to not being well-informed on the subject, with even those in charge of cyber security neglecting to proactively seek out information. Instead, they rely on outsourced IT providers to deal with threats - despite recognising the importance of protecting the personal data of donors or service users.

Lack of preparation for new regulations

The continued risk that cyber attacks pose to organisations of all kinds has prompted lawmakers to introduce new legal measures to tackle the problem, including the Europe-wide General Data Protection Regulation (GDPR), which comes into effect on May 25th 2018.

With GDPR set to also become part of British law via a new Data Protection Bill, it is essential for all UK organisations to conform to the new regulations. The cyber health check report revealed that 97 per cent of firms are aware of the legal change, but also that many are not yet ready. Some 71 per cent said they were only somewhat prepared to meet the GDPR requirements, with only six per cent being fully prepared, while a mere 13 per cent said GDPR was regularly considered by their board.

Taking steps towards improvement

Despite some of the concerning trends highlighted, the report also offered some cause for encouragement. For example, 53 per cent of company boards are now setting out their approach to cyber risks - up from 33 per cent last year - while 57 per cent now have a clear understanding of the impact of a cyber attack, up from 49 per cent in 2016.

Clearly, awareness of the need for a more holistic approach to developing IT security systems, policies and guidelines is emerging, but in order for this to be translated into tangible benefits, organisations need to educate themselves and their staff further.

The government is looking to aid this process by offering free online advice and training schemes to help businesses protect themselves, but bosses should also be looking to take the initiative by looking at ways to overhaul their security culture and the way they protect key data assets, backed up by training to ensure they have the buy-in of staff at all levels.

In doing so, companies can make sure they are fully compliant with the latest regulations and insulated against the kind of threats that can cause significant damage - meaning they can enjoy all the benefits of running a digital organisation without worrying about the downsides.

Summary: A new report has demonstrated that many British businesses are still not ready to deal with the threat of cyber attacks, despite the increasingly significant risks such incidents can pose.


Related resources

Ben Piper - Virtual College

Author: Ben Piper

Ben is a member of the Virtual College marketing team. He has a degree in economics and writes about business and education issues. In his spare time he loves food, drink and films.

ISO 9001:2015
Crown Commercial Service Supplier
LPI Accredited Learning Technologies Provider


+44 (0)1943 605 976

Virtual College

Marsel House


West Yorkshire

LS29 8DD

Awards for footer
Gold and silver award winners at the Learning Technologies Awards 2017 - including gold for excellence in the design of learning content.


We are in the process of moving to one Virtual College website. If you want to go back to a course, or start a course, bought from our old website then you may need to login to our original learning management system. Otherwise, please proceed to our new learning management system to return to your training.


You are already logged in. Click the button below to be taken to your LMS dashboard. Alternatively, click logout to leave the system.