A large number (97%) of senior security pros hold concerns for the security of UK businesses following the UK’s departure from the EU. With nation state attacks a particular concern in 2022, worries in private and public sector organisations range from lowered standards for cybersecurity in the UK, lessened insight into emerging cyberthreats and greater barriers to intelligence sharing between the UK and its EU counterparts.
“CEOs need to be able to provide clear direction and make good decisions based on an often-fragmented pool of information. Cybersecurity is an area that is increasingly strategic, underpinning the success of every digital initiative that organisations undertake,” Said Rich Turner, SVP EMEA at CyberArk “Greater, shared understanding of the threats that can undermine these initiatives is therefore crucial. Cybersecurity works best when it is a team game. The more that nations globally – not just the UK and our EU partners – collaborate, the more resilient we are to cyberthreats.”
CyberArk research: Key findings
- Divergence in cyber regulations between the UK and EU is cited as a key contributing factor to these worries, with over a third (39%) of respondents concerned the UK is becoming a greater target for global cyberthreats as a result. This is supported by unease at the increasing skills gap in the industry (41%).
- Exactly 32% of security pros are worried about the impact of inconsistent cybersecurity legislation across borders. In the closely-related discipline of privacy, the UK’s proposal to replace the GDPR with more flexible and less stringent data protection laws would create further inconsistencies in policy between the two blocs and is likely to heighten concerns around regulatory divergence in other areas, including cybersecurity.
- Alongside this, there are clear discrepancies in the attitudes of the UK and the EU around cybersecurity investment strategies. Over half (60%) of European respondents (France, Germany, Italy and Spain), for example, state that they would prioritise funding from the EU’s National Recovery and Resilience Plan to bolster cybersecurity – the highest result of any potential spending area. While the UK’s announcement of the National Cybersecurity Strategy 2022 proves its commitment to protecting the nation’s cyber interests, there is no specific investment initiative, indicating that cybersecurity investment may be a lesser priority in the region.
- When it comes to the security of the UK, elevating security within overall business strategies will be essential to navigating a fast-changing cyber environment and keeping businesses, their customers and employees secure from threats. Positively, many UK organisations are already stepping up to the challenge; 90% now have an executive involved in cybersecurity planning/decision making and 63% have accelerated cybersecurity initiatives in the last 12 months. Prioritising collaboration can further bolster our collective ability to secure against cyberattack.