Where UK organisations fail at Cybersecurity

Where UK organisations fail at Cybersecurity

August 10 2017 | Published by Marie Stanley | Blog Foursys News

Thanks to the award winning Foursys Interactive Cybersecurity Risk Assessment Tool (FiCRAT), Foursys have been able to produce a report pinpointing where UK firms have inadequate defences to fend off cyber-attacks. 

FiCRAT is a unique online web portal that allows Windows network administrators to self-assess and benchmark their networks exposure to digital threats. It consists of 12 security modules:

  • Endpoint Security
  • Network Security
  • Safe Computing Practices
  • Firewall Protection
  • Software Patching
  • Remote Access Security
  • Mobile Device Management
  • Wireless Security
  • Advanced Protection System
  • Email Security
  • Web Gateway Security
  • Reverse Proxy

Based on the answers given in each module, the Foursys algorithm grades the IT risk procedure and provides a free detailed risk assessment report.

FiCRAT was awarded the CRN Best Digital Marketing Innovation award this year at the prestigious CRN award ceremony in London. Andy Wool, Head of Marketing at Chess comments:

‘Our objective was to deliver a reliable tool to help assist customers with analysing their IT risk. We wanted an ad and vendor free, bespoke report that could offer real value to organisations when recommending best practice in a number of core areas of cybersecurity.’

Since the tool was launched last October, Foursys have been able to gather anonymised data from almost 10,000 answers from hundreds of IT administrators around the country. We are very please to be able to share an overview of where organisations stand in the defence of cyber-attacks.

The results in a nutshell

It was shown that UK organisations scored rather well across several modules, including:

  • Endpoint Security
  • Reverse Proxy
  • Web Gateway
  • Wireless Security
  • Firewall Protection

Foursys found that 9 out of 10 organisations filer web traffic and employ WPA2 to encrypt their wireless networks, 70% use VPNs to secure user’s remote connection to the system and 94% of firms scan for web traffic.

The areas that were underperforming gravitated towards internal safe computing policies regarding how the system is accessed and monitored and how clued up the users are. Luckily, in most of these cases, readdressing the weaknesses is straightforward.

‘2 in 5 firms NEVER perform internal security assessments’
Foursys recommendation? Review internal systems at least once a year.

‘50% of firms DO NOT provide any IT security user training’
Foursys recommendation? Train your users.

‘Over 50% DO NOT employ 2FA (or multi-factor authentication)’
Foursys recommendation? Implement 2FA authentication.

‘40% DO NOT use unique credentials to access the system’
Foursys recommendation? Disable default logins and replace with unique and tough-to-crack usernames and passwords.

The Foursys report comes just in time following the news that UK organisations could face huge fines for failures in cyber security after the ‘government proposes penalties as a ‘last resort’ or those failing to adequately assess risks and prevent damage.’ The Guardian comments:

‘British organisations could face fines of up to £17m, or 4% of global turnover, if they fail to take measures to prevent cyber-attacks that could result in major disruption to services such as transport, health or electricity networks.’

The full, detailed report is now available to download here.

To asses your own organisations cybersecurity risks to find out how secure you are, try our unique FiCRAT tool today!