#Privacy: Finance and Insurance firms invest the most on cyber security in 2018-19

Specops Software analysed the latest findings from Gov.uk to see how serious businesses are about cyber security. 

Specops Software found that finance and insurance firms invested the most on cyber security, with £22,050 – an increase of 23% from the previous year, where both sectors spent an average of £17,900. 

Firms in health/social care/ social work invested the second highest amount on cyber security at $16,800, an astonishing 506% increase from the 2017-18 – where the average outlay was only £2,770. 

Firms in the hospitality and food sector invested the least financially, with an average of just £1,080. Despite the low sum, this figure was still an increase of 20% from 2017-18. 

Firms within the entertainment/service/membership invested slightly more than the food/hospitality sector with an average of £1,940 on cyber security in 2018-19. 

Specops Software has recommended three tips for effectively maintaining high cyber security standards; 

  1. Review IT Estate: Carry out a regular assessment of IT systems to identify any vulnerabilities that could be targeted and exposed by opportunistic cyber criminals.

  2. Education and Governance: Create a formal document that establishes the firm’s best practices and policies on cyber security. The document will also contain clear guidance on what they can and cannot do on the company’s IT devices/systems/networks.

  3. Safeguard and Protect: Keep anti-virus software up-to-date, apply the latest security patches and periodically change passwords across IT estate.


Darren James, a Cyber Security Expert from Specops Software commented:

“As cyber-attacks/breaches become more frequent and complex, cyber-security has to be a high priority for firms. Otherwise they face the huge risk of leaving their website and digital communication platforms exposed to devastating cyber-attacks/breaches. 

“So key decision makers need to carefully understand and manage their online eco-system to ensure it consistently has the adequate defences in place to protect against varying cyber threats. In addition to this, education as well as governance on cyber security for employees can play an essential role in protecting critical functions from being targeted/compromised.”

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.