Cyberattacks against enterprise infrastructure are on the rise in the U.K. as digital transformation expands the digital footprints—and the potential attack surfaces—of many organizations, according to a report published by Information Services Group (ISG).
The report for the U.K. finds the increasing sophistication of cyberattacks against different points in the enterprise IT ecosystem has made organizations more aware of cybersecurity and more interested in a broad range of defensive technologies.
“Cloud migrations, mergers and acquisitions and the growth of application estates have added to the cybersecurity challenges British firms are facing,” said Roger Albrecht, co-leader of ISG Cybersecurity. “Companies consider risk management central to enterprise leadership and want experienced partners for security solutions and services.”
How enterprises tackle growing cyberattacks risks
Identity and access management (IAM) and data leakage/loss prevention (DLP) services are gaining momentum in the U.K. in the wake of the COVID-19 pandemic as companies undergo digital transformation and change their work practices.
Many organizations are seeking IAM as a cloud-based service. Enterprises are also implementing zero trust architectures, which focus on continuous authentication, to maintain security amid the growth of remote work.
The WannaCry ransomware attack against the National Health Service in 2017 revealed the potential risks of cybercrime to organizational reputations. A recent survey by the U.K. Department for Digital Culture, Media and Sport found 65 percent of midsize and 64 percent of large businesses had experienced a cyberattack in the last 12 months. In this environment, U.K. enterprises are increasingly seeking risk advisory, governance, compliance, training and other services.
Security roviders covering all aspects of IT and business
A wide range of security services and solutions providers in the U.K. cover all aspects of IT and business. Some operate in a specific location, while others focus on certain sectors, tools or systems. Leading providers in the market are developing proprietary platforms and interfaces to integrate a variety of vendor solutions.
Governance, risk and compliance practices are also a major concern to U.K. enterprises, according to the report. Recent data protection laws, including the Data Protection Act and the Network and Information Systems Regulation in the U.K. and GDPR in the EU, mandate compliance requirements, penalties and notification timelines. Complying with these regulations is one of the key objectives of enterprise cybersecurity programs.