News releases 2016
Staff and supply chains are greatest cyber security vulnerabilities for critical national infrastructure and defence organisations - 20 October 2016
New research has revealed that more than half of senior industry figures have low confidence in the cyber security of critical national infrastructure (CNI) supply chains, while 50 per cent cite people/staff as CNI’s greatest cyber resilience weakness.
The research forms part of Atkins’ new Cyber Resilient Infrastructure Report, published today as part of European Cyber Security Month. The report, which outlines how the UK might become a more cyber resilient nation, includes a contribution from General Sir Richard Barrons, former Commander Joint Forces Command and Chief of Staff of the UK Armed Forces (until April 2016).
The research findings reflect the views of senior figures across a wide range of CNI, government and defence organisations. These include Airbus Defence & Space, Anglian Water, Department for Culture, Media & Sport, Ministry of Defence, Qinetiq, and the UK Space Agency.
58 per cent of respondents reported low levels of confidence in the cyber resilience of CNI supply chains, with half of those expressing no confidence at all. Although people were confident in the security protecting their own organisation, it was considered to be much more difficult to protect information assets and intellectual property once it entered a wider supply chain.
When asked to rank their top three cyber security concerns today, half of respondents identified people/employees as their top concern. This response covered a range of issues including insider threat, user browsing, board-level awareness, and staff understanding of the part they play in helping to protect their organisation.
The second highest concern was network compromise and insufficiently protected legacy systems (25 per cent), including issues around the Internet of Things and Cloud-based services. This was then followed by concerns around the pervasive growth of organised and state-sponsored cyber-crime (8 per cent).
Two thirds of respondents consider their top three concerns to be the same this year as last, with any difference being a greater understanding of the scale of the threats presented and breadth of the risk.
When asked to look ahead and cite their top CNI cyber security concerns for the future, 28 per cent suggested it was the rapid advance of technology, especially the Internet of Things and convergence. This was followed by the growth of organised and state-sponsored cyber-crime (24 per cent), and then a shortage of skills required for the UK’s cyber defence (20 per cent).
When asked to gauge whether advantage currently lay with the cyber attacker or defender, 70 percent believed it was with the attacker (compared to 61 per cent last year), 13 per cent said it was currently balanced (compared to 17 per cent last year) and 17 per cent believed it was with the defender (compared to 22 per cent last year).
Andy Wall, Atkins’ head of cyber security explained: “As well as serving as a confidence barometer, the research results also help paint a picture of the CNI and defence industry’s major cyber security concerns, both today and in the future. Although some of these results are concerning, there are of course some CNI organisations – particularly the civil nuclear industry – who are leading in this area, and there is much that parallel sectors could learn from their example.
“Alongside the concerns outlined above, transparency was also raised as an enduring industry challenge. A lack of clear definitions of risk terms and reliance upon confusing technical language to define the cyber threat is turning off senior leaders. This in turn is preventing them from fully understanding the risks and potential mitigation measures. Hopefully this report will help to overcome some of those barriers.”
To download a free copy of the report and research, please visit: explore.atkinsglobal.com/cyber
To learn more about Atkins’ cyber resilience expertise, please visit: atkinsglobal.com/cyber
To request copies of the infographics to support the editorial, please contact Dan Gray (details below)
Notes to editors:
Atkins (www.atkinsglobal.com) is one of the world's most respected design, engineering and project management consultancies, employing some 18,000 people across the UK, North America, Middle East, Asia Pacific and Europe. We build long term trusted partnerships to create a world where lives are enriched through the implementation of our ideas. You can view Atkins’ recent projects on our website.
Follow our story on:
Twitter | Facebook | LinkedIn | YouTube | Angles | Google+ | Pinterest | Slideshare
About the CNI Cyber Resilience research
The research was undertaken by a third party between mid-September 2016 and mid-October 2016 and involved telephone interviews with senior individuals in CNI, Defence and government organisations, as well as those businesses that form part of their respective supply chains. Respondents were primarily clients or partners of Atkins and included Airbus Defence & Space, Anglian Water, Department for Culture, Media & Sport, Marshall Aerospace & Defence Group, Ministry of Defence Joint Forces Command, and the UK Space Agency. Academic and policy body respondents included Cranfield University, CREST, Oxford Research Centre, Queen’s University Belfast, techUK and UKTI.
About European Cyber security month
For more information about European Cyber security month, please visit: https://cybersecuritymonth.eu/