A third of middle market firms don't understand cyber threat - RSM

A third of middle market businesses have admitted their board does not understand the cyber threat landscape enough to accurately assess their level of risk.

Audit tax and consulting firm RSM UK 's 'The Real Economy ' report also highlighted that 33 per cent of the 415 businesses surveyed had experienced difficulties recruiting cyber security experts with the right skills and experience to help safeguard against cyber threats.

Mark Taylor (pictured), regional managing partner, RSM West Midlands, said: “The research is concerning, and suggests that in the current climate of increased risk, boards need to be much more attuned to the threats posed by the Russia-Ukraine conflict, volatile financial markets, speed of technology transformation and increased home working.

“I 've noticed a marked increase in the number of West Midlands businesses who are reporting ransomware attacks.

“In order to fully protect themselves, boards need to ensure they receive the right information from their IT teams or suppliers and encourage a culture of trust, openness and vigilance throughout the business. ”

The Real Economy report also identified that, despite cyber crime increasing by 100 per cent since the pandemic, a quarter of businesses have not considered cyber insurance, leaving themselves exposed to potential financial and operational loss and reputational damage.

More than a third of businesses (35 per cent) say this is because they don 't understand what cyber insurance should cover.

Of the 62 per cent of businesses that do have a cyber insurance policy in place, understanding of what the policy covers them for has declined over the past year, with only a quarter (25 per cent) saying they are 'very familiar ' with what 's covered, compared to 40 per cent in 2021.

The research also found confidence in current measures to safeguard sensitive customer data has dropped, from almost half of middle market businesses (47 per cent) feeling “very confident ” in 2021 to 35 per cent feeling “very confident ” this year.

This loss of confidence is justified, as the increase in ransomware attacks demonstrates cybercriminals are focusing efforts on ringfencing data that is key to an organisation 's continued operation.

Increasing security protocols remains the top action taken to enhance IT and data security in response to widely publicised data breaches (47 per cent), followed by updating privacy policies (42 per cent) and engaging data security consultants (41 per cent).

Only four per cent of businesses failed to take any action in response to high profile cases of data breaches reported in the media.