Expert comment on Microsoft report on state of cyber security across the UK’s public and private sectors
March 2024 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
After the stories around Microsoft’s recent report that highlights only 13% of UK organisations are resilient to cyber crime.
The report described 48% of UK organisations as vulnerable to cyber attacks and an additional 39% as being at high risk, based on self-reported performance against a new model of resilience. The report acknowledges the UK is a global leader in cyber security and performs strongly against current international indices, but warns that as threat actors increasingly adopt AI technology in the service of enhancing aspects of their cyber attacks, organisations would do well to fight fire with fire and deploy AI themselves to bolster their defences.
Matt Aldridge, Principal Solutions Consultant, Opentext Cybersecurity says, "The insights from the report are unsurprising as we have seen a rapid rise in cyber attacks hitting both public and private sectors in the UK. It is evident that industry needs to work together to fortify their defences and ensure robust cyber security systems in place.
While it is great to see that the UK has been able to maintain its leadership position in cyber security and its position in international indices, the current efforts are not enough, especially in an age of rapid AI development. As there are only 13% of organisations that are considered resilient to cybercrime, the UK’s AI ambitions, along with its goal to maximise economic growth in general, are in jeopardy. Strong cybersecurity needs to be seen as a baseline hygiene standard for doing business or operating an organisation in the current threat landscape.
With more and more threat actors employing AI in their attacks, UK businesses must be able to defend themselves with advanced defence mechanisms. Without this, we can’t achieve global leadership in AI and we’ll risk our economic prosperity.
To facilitate responsible use and development of AI, both public and private sectors need to ensure they have clearly defined security policies and procedures in place to prevent and manage risks. It is also crucial that staff are properly trained, which underscores all effective cyber resilience and data protection strategies.
Business leaders need to do everything in their capacity to ensure the technology is regulated, and the world is prepared for the wider use of AI. It’s encouraging to see that many security decision-makers recognise this issue’s importance. Collective and decisive action will be the only way for the UK to achieve its ambitions of being a technology superpower."
—