Blackberry launches public key certificate for smart meters

Cyber security and how well organisations and countries are tackling it came to the fore this week with the updating of data to support a UK survey and the release of the European Union Agency for Network and Information Security’s (ENISA) Annual Report.

The cost to UK companies of cyber attacks is almost double what it was last year while 70 per cent of organisations keep their worst security incident under wraps. These were two of the findings in the Information Security Breaches Survey 2014, conducted by the Department for Business Innovation and Skills, that was released in April but updated this month.

The study found that while the number and frequency of attacks had slightly decreased year on year, the cost had greatly increased to such an extent that some companies were forced to change the nature of their business.

The average cost to a large organisation of its worst security breach in 2014 was £600k -£1.15m, up from £450k-£850k in 2013.

Type of threats

The survey also reveals that organisations of all sizes continue to receive external cyber security threats. Twenty-four per cent of large companies detected that outsiders had penetrated their network (compared to 20 per cent in 2013) while 73 per cent suffered from infection by viruses or malicious software (up from 59 per cent a year ago).

Security policy

Among the 1,125 companies that participated in the study, of which 2 per cent were utilities, overall investment in security as part of total IT budget is increasing across all sectors with energy companies spending the same as educational and financial services entities.

ENISA’s role in cyber security

Meanwhile, ENISA’s released its annual report documenting its progress towards improving cyber security across the European Union.

One of the agency’s key objectives is to provide an independent source of information on risks, threats and threat trends, allowing private sector companies to develop mitigation strategies for enhancing their security systems and controls. ENISA confirms that more than 20 different organisations are using the conclusions of ENISA’s Threat Landscape report.

World updates

ENISA also monitors countries and their cyber security policies around the world and this week confirmed that Denmark is preparing a new strategy, while in Africa, Kenya, Nigeria and Ghana are either drafting or launching national strategies.