Half of UK Firms Hit by Cyber-Related Fraud in Past Two Years

Half of UK Firms Hit by Cyber-Related Fraud in Past Two Years

Nearly half of UK organizations (49%) have suffered from cyber-related fraud in the past two years, according to the latest research from PwC.

The global consulting firm polled over 7200 business decision makers to compile its Global Economic Crime & Fraud Survey.

The research is slightly unusual in that it approaches cybercrime in the context of it being a source of fraud. As such, it ranks highest, above others in the top five: asset misappropriation (32%), procurement fraud (23%), bribery and corruption (23%) and business misconduct (21%).

PwC forensics partner, Fran Marwood, confirmed to Infosecurity that: "the other categories are not cyber-related. They are what you might call traditional frauds."

“Much of the cybercrime in the UK comes from external overseas threats, and as the world’s fifth largest economy, it’s no surprise that the resources of UK organizations are seen as an attractive target by global fraudsters,” she added.

“Over half of respondents reported suffering phishing attacks, which are done on a large scale to play the odds. But ultimately cyber-defense relies on people understanding the threat, so training, awareness and escalation routes are just as important as defensive technology.”

UK organizations are actually behind their international counterparts when it comes to implementing anti-fraud technology and don’t seem to be using advanced tools as effectively as many.

Suspicious activity monitoring spotted just 10% of fraud, while data analytics detected only 1%, down from 8% two years ago, according to the report.

This doesn’t bode well for the future, with over two-fifths (42%) of UK respondents claiming that cybercrime would be the most disruptive ‘fraud’ type over the next two years.

More concerning still is the fact that a quarter of UK firms don’t have a cybersecurity program in place, although it does appear to be high on the agenda for most: 82% of CISOs report directly to the board, for example.

Source: Information Security Magazine