Nearly two-thirds of UK organisations complacent about protecting customer data

A new Kaspersky study has lifted the lid on the scale of cyber-complacency amongst UK businesses. Alarmingly, nearly two-thirds (65%) of IT security decision-makers agree that their organisation is complacent about the protection of its customers’ data. The study revealed that many organisations are failing to take the necessary steps to prevent data breaches, despite many respondents acknowledging they would impact revenue and customer trust.

In an ever-evolving cyberthreat landscape, there is great pressure on those tasked with maintaining IT security to put in place policies and solutions that keep organisations and the data they hold secure. Alongside the threat to privacy, the financial risk for businesses is immense, with data showing the average cost of a data breach now to be around £3m per incident.

Despite the inherent risks of being complacent, many IT security decision-makers are failing to implement effective measures to protect customer data from cyberattacks. For instance, more than half (57%) say they do not currently have a cybersecurity policy in place – rising to more than two-thirds (71%) of medium-sized businesses (250 to 549 employees). Just four-in-ten (41%) businesses surveyed believe their organisation is protected with robust endpoint security.

Alongside security, consumer confidence is vital to the growth and maintenance of increasingly interconnected businesses. The majority of IT security decision makers (69%) are concerned they would lose customers following a data breach, while 74% of survey respondents believe that being perceived as cyber-complacent would be damaging to business.

However, this concern is not translating into appropriate action, with cyber-complacency having an affect on the regularity of risk assessments carried out by UK businesses. With the nature of threats constantly evolving, Kaspersky recommends that companies conduct a cyber-risk assessment at least every six months to ensure policies and safeguards are up to date and fit for purpose.

As shown in a recent Kaspersky report –The true cost of cyber-complacency: UK businesses cannot afford failure when protecting customer data – only 38% of respondents in this new survey do this in practice, making it unsurprising that almost half (47%) experienced at least one cyberattack in the last 24 months.

David Emm, Principal Security Researcher at Kaspersky, said: “Being complacent with cybersecurity, and customer data, can be incredibly costly. Along with losing sensitive information, a data breach affects business revenues, customer confidence and reputations.

“There have been many examples in recent years of household brands suffering data breaches, showing that even the most renowned businesses are at risk. For many organisations, the ramifications of a breach could be irreversible. This is why we urge business and organisations of all sizes to adopt robust cybersecurity policies, taking expertise where needed to ensure they have the best preventative measures in place.”

With 61% of IT security decision-makers thinking it is likely that their organisation will face one or more cyberattacks over the next two years, Kaspersky recommends the following advice to help protect organisations.

They should conduct regular cybersecurity assessments to review policies and services – ideally every six months. Invest in and regularly update robust endpoint security solutions that offer effective protection against the latest cyberthreats and organise frequent cybersecurity training for IT staff, so they are aware of the organisation’s policy and solutions.

For more security news visit here.

 

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Image provided by SentinelOne

SentinelOne to Spotlight AI-Power at GISEC 2025

SentinelOne announces its participation at GISEC Global 2025 (6-8 May) at the Dubai World Trade Centre. The company will highlight..
Two young intercultural programmers trying to solve problem with access to data while interacting in front of computers

DDoS attacks targeting critical infrastructure

NETSCOUT released its 2H2024 DDoS Threat Intelligence Report, revealing how Distributed Denial of Service (DDoS)…
Copyright: Security Buyer

ASIS UK Launches “Security is You(th)” Hackathon

ASIS International UK has launched Security is You(th), an initiative designed to engage students and early-career professionals…
BeyondTrust

Into the Cloud – Morey J. Haber, BeyondTrust

The January edition of International Security Buyer featured Morey J Haber, Chief Security Advisor for BeyondTrust in our Into the Cloud…
Riham Security website

Growing Intersec Saudi Arabia

Intersec Saudi Arabia’s Event Director, Riham Sedik, discusses the event’s future growth and government partnerships

Neustar Security Services introduces UltraPlatform

Neustar Security Services, a provider of cloud-based security services that enable businesses to thrive online, is launching UltraPlatform.

Security and fire 2023 trends

In 2023 all industries will face several challenges: sustainability, cost increases, and how to better manage energy & resources.
istorage

Zero trust, maximum caution

John Michael, CEO, iStorage considers the dangerous new ‘golden age’ of ransomware, ways businesses can neutralise..
Cybercrimes that pose the greatest threats to your business

UK’s failing to understand the language of cybersecurity

Kaspersky research into the language barriers that exist in cybersecurity finds that 42% of UK-based C-level security, compliance, and risk

Kaspersky and SCOPE Middle East strengthen partnership

Following a successful partnership across the Kingdom of Saudi Arabia, Africa and LEVANT region, Kaspersky and SCOPE Middle East are now expanding.
Scroll to Top