The IT systems of UK-based professional services and financial services providers are often attacked many times each week, according to a Keeper Security report.
Darren Guccione, co-founder and chief executive of Keeper Security, said this suggests organisational cyberdefences are in question even though the professional services community is aware of increased risk.
“The increased time it takes for professional services IT teams to address a cyberattack and the widening scope of damage from a data breach emphasise the need,” Guccione said in an announcement.
“Stay ahead of evolving threats through employee training, adopting the right technologies and implementing best practices.”
Keeper’s 2022 Cybersecurity Census report suggested that UK professional services organisations are subject to more than three cyberattacks every week, with 60% expecting a higher number of successful attacks over the next year.
Among financial services providers, the share expecting this rises to 87%. Just 23% of IT leaders in financial service organisations reported that their business is “very well prepared” to defend against cyberattacks.
According to the enterprise passwords and secrets management provider, 31% of professional services organisations suffered financial losses from cyberattack, with 42% of that sample losing funds to the tune of £100,000-£999,999.
For financial services firms, 22% had money stolen, with one in four losing £100,000-£999,999.
IT leaders in the survey cited an average of 161 cyberattacks over the last 12 months, causing financial and reputation damage, the vendor said.
About 77% of professional services leaders told Keeper they need more time when attacks occur, with the time taken to identify and respond to a cyberattack increasing over the past 12 months.
“Twenty percent of respondents did not have a secrets manager to help manage IT secrets such as API keys, database passwords and credentials, and 15% did not have a connections manager to help manage remote access to privileged infrastructures,” according to Keeper Security.
Keeper’s Guccione said future investment in fighting cybercrime was not being treated with the urgency it deserves.
“The most effective means of addressing cybercrime will be better management. That includes cybersecurity training, database access through unique, non-shareable passwords, reporting cybercrime faster, and having managers with the expertise to oversee cybersecurity.”