Businesses have a 'false sense of security' when it comes to cyber crime

'Major gap between the perception and reality of security breaches among businesses,' warns Illex International Breach Confident Index

Most organisations have a misplaced confidence that they won't become the victim of a cyber attack, despite the increasing prevalence of hacking incidents and data breaches.

That's according to the Breach Confident Index by Identity and Access Management firm Ilex International. It suggests there's a misplaced confidence among British businesses about how prepared they are to fend off a cyber attack, with many victims of cyber attacks unaware they've been breached at all.

The report comes shortly after figures by the Office for National Statistics (ONS) predicted that 2.5 million cyber crimes were committed in the UK last year.

"Despite the statistics and media coverage surrounding security breaches and the impact they have on a business, from reputation to financial losses, many companies still believe it won't happen to them," says the Breach Confident Index report, which references the Sony hack and the JPMorgan Chase hack as recent examples of data breaches being "more prevalent than ever".

The report also suggests that a key issue many companies have is overconfidence. "Misplaced overconfidence is worrying and potentially very costly for British businesses," it says.

According to research by YouGov carried out on behalf of Ilex International, almost half (49 per cent) of those IT leaders surveyed said their business has not experienced a security breach. However, this represents a major gap between the perception and reality of security breaches among businesses.

"With the UK being a leading economic centre and a major target for cyber attacks, the high confidence level is worrying and completely misplaced," said Thierry Bettini, director of international strategy at Ilex International.

"The Breach Confidence Index shows that businesses have a false sense of security which could result in an increase in security breaches," he said, adding that "businesses must come to terms with the reality of data security breaches".

"If they don't think they have been targeted yet, they will be and need to be prepared. As technology evolves and brings new security risks, businesses should be doing all they can to educate employees on security best practices and tighten access to sensitive data," said Bettini.

Speaking at the the 2015 Cyber Symposium, Defence Secretary Michael Fallon MP warned that "we stand on the frontline of a virtual war" and "cyber is far from a theoretical threat".

"Our adversaries, whether revanchist Russia or evil ISIL, are becoming ever more adept and determined to use cyber to force their advantage. Such dangers are only likely to grow," he said.

Fallon described how "the cost of cyber security breaches to the UK economy roughly tripled over just the last year", which means it's "now in the order of £20bn to £30bn per year".

While the government is keen to demonstrate it is taking steps to fight cyber crime, a recent report by techUK suggests police and industry must improve their response to cyber threats.