8 out of 10 businesses have failed to improve cybersecurity since COVID.

    October 15, 2021

    Nobody needs reminding that during the last 18 months there has been a monumental shift in how vital tech is for businesses.

    The necessity for the UK workforce to take to the kitchen tables and spare rooms in March 2020 and its ongoing impact on the work environment, has seen a massive acceleration in the digital transition. No business has been untouched by that shift and many are still contemplating what the future vision should be for their tech provision.

    While the initial rush to get employees’ tech working in private homes may be in the past, many continue to work from home as part of their normal working week. The infrastructure, in most cases, is working perfectly well, but one area of operations that is continually overlooked is cybersecurity.

    By their nature, home networks haven’t been developed with the same security considerations as business networks. Added to the ongoing significance of data security that all firms face, then it’s surprising how little awareness there is around the impact of security breaches.

    Some of the figures that emerged from a recent UK Government survey are truly eye-opening:

    Breaches have increased in the last year for large and medium businesses – Four in ten businesses (39%) and a quarter of charities (26%) report having cybersecurity breaches or attacks in the last 12 months. This is higher among medium sized businesses (65%) and larger businesses (64%).

    Businesses are experiencing attacks at least weekly. Among those that have identified breaches or attacks, around a quarter (27% of these businesses and 23% of these charities) experience them at least once a week.

    The most common by far are phishing attacks (for 83% and 79% respectively), followed by impersonation (for 27% and 23%). Broadly, these patterns around frequency and threat vectors are in line with the 2020 and 2019 results.

    Directors and senior managers are tasked with cybersecurity as a high priority. Three-quarters (77%) of businesses say cybersecurity is a high priority for their directors or senior managers, with half updating their senior management teams about the actions taken on cybersecurity at least quarterly, in line with the 2020 results.

    However, COVID-19 has not raised the importance of cybersecurity with businesses, even though staff are working remotely. Overwhelmingly, businesses (84%) and charities (80%) say COVID-19 has made no change to the importance they place on cybersecurity.

    So, despite the shift to new digital working practices and home working continuing to make-up a significant part of the working week, the vast majority of businesses have not re-assessed their cybersecurity provision.

    With the prevalence and potential impact breaches in security can have on disrupting day to day business and the larger financial implications, then doing nothing to address the issues isn’t an option. Sadly, many businesses realise only after the event that the damage inflicted could have been prevented, if only they had taken some simple pre-emptive actions.

    EBY has partnered with a cyber security expert, OmniCyber Security to assess the level of security our partners have within their onsite and offsite networks, as well as their wider digital footprints.

    If you think your business may need to review its cyber security framework, then please get in touch to arrange a call.


    We store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products.

    With your permission we and our partners may use precise geolocation data and identification through device scanning. You may click to consent to our and our partners’ processing as described above. Alternatively you may access more detailed information and change your preferences before consenting or to refuse consenting. Please note that some processing of your personal data may not require your consent, but you have a right to object to such processing. Your preferences will apply to this website only. You can change your preferences at any time by returning to this site or visit our privacy policy