Microsoft: 87% of UK Businesses Are Unprepared for Cyberattacks

A study from Microsoft and Goldsmiths, University of London has recovered that conscionable 13% of U.K. businesses are resilient to cyberattacks, with 48% deemed susceptible and the remaining 39% facing precocious risk.

A survey of 1,039 elder concern decision-makers and 1,051 employees revealed that the bulk of U.K. organisations lacked capable cybersecurity tools oregon processes. Microsoft warned that this near 87% of organisations exposed to information threats astatine a clip erstwhile atrocious actors were utilizing AI to motorboat much blase attacks (Figure A).

Figure A

Nearly 9 successful 10 U.K. organisations are inadequately protected against cyberattacks, according to Microsoft and Goldsmiths research. Image: Microsoft

UK not surviving up to its “AI superpower” title

According to the report, titled Mission Critical: Unlocking the UK AI Opportunity Through Cybersecurity, cyberattacks presently outgo the U.K. an estimated £87 cardinal ($111 cardinal USD) each year.

The report’s authors argued that U.K. businesses’ deficiency of resilience to cyberattacks stood astatine likelihood with the country’s ambition of becoming a planetary person successful AI, symbolised by the signing of The Bletchley Declaration successful November 2023 and the National AI Strategy successful 2021, an ambitious 10-year program that seeks to boost AI successful concern and pull planetary investment.

SEE: Cyber League: UK’s NCSC Calls connected Industry Experts to Join its Fight Against Cyber Threats

Microsoft UK CEO: British organisations indispensable beryllium acceptable to combat occurrence with fire

In the study, 52% of information decision-makers and 60% of elder information professionals expressed interest that existent geopolitical tensions could escalate cybersecurity risks for their organisations.

As a result, implicit fractional (55%) viewed inadequate extortion arsenic a imaginable menace to the U.K.’s economical expansion, portion astir two-thirds (69%) acknowledged the request for amended cybersecurity defences to execute the U.K.’s ambition of planetary AI leadership.

Microsoft, meanwhile, recently committed £2.5 billion ($3.2 cardinal USD) to grow its artificial quality capabilities successful the U.K. arsenic portion of plans to substance the country’s AI sector.

In a foreword to this caller report, Microsoft UK CEO Claire Barclay said the U.K. could lone conscionable its AI aspirations if businesses invested successful cybersecurity processes and upgraded their information toolkits to lucifer those of atrocious actors.

“Just arsenic businesses and governments are keen to pat into AI’s potential, truthful are atrocious actors. Traditional add-on information solutions tin nary longer support gait with the menace posed by cybercriminals, meaning British organisations indispensable beryllium acceptable to combat occurrence with fire,” said Barclay.

“Unless we limb ourselves with AI-enabled cyber defences that are stronger than AI-enabled cyber threats, it volition beryllium difficult, intolerable even, for america to turn and, ultimately, thrive arsenic a nation.”

SEE: Generative AI Defined: How it Works, Benefits and Dangers

How AI boosts cybersecurity capabilities

Paul Kelly, manager of Security Business Group astatine Microsoft UK, said successful the study that the close AI technologies could boost businesses’ abilities to observe and mitigate cybersecurity threats by automatically identifying analyzable patterns and anomalies that quality analysts mightiness miss.

“AI for cybersecurity uses AI to analyse and correlate cyber menace information crossed aggregate sources, turning it into wide and actionable insights. Security professionals tin past usage these insights for further investigation, effect and reporting,” said Kelly.

“If a cyberattack meets definite criteria defined by an organisation’s information team, AI tin besides automate the effect and isolate the affected assets. Generative AI takes this 1 measurement further by producing archetypal earthy connection text, images and different contented based connected patterns successful existing data.”

Potential fiscal benefits of AI-enhanced cybersecurity for UK businesses

The study highlighted the imaginable benefits of AI-enhanced cybersecurity.

For businesses of assorted sizes, a emblematic cyberattack costs £20,700 ($26,300 USD), with larger organisations facing an mean outgo of £148,700 ($189,800 USD). However, companies implementing AI-powered cybersecurity tools saw this disbursal alteration to £16,600 ($21,200 USD), marking a 20% simplification successful costs. The study attributed this to the quality of AI information tools to much swiftly place and respond to cyber threats.

The six dimensions of effectual Al defence

Understanding existent cybersecurity capabilities is important for businesses that privation to amended their defences against AI threats.

Researchers astatine Goldsmiths developed an appraisal exemplary based connected six cardinal areas to measure the cybersecurity strategies of U.K. organisations (Figure B):

• Resources.
• Agility, AI and automation.
• R&D and innovation.
• Transparency and method knowledge.
• Organisational buy-in.
• Trust and mindset.

Figure B

Goldsmith’s exemplary was designed to measure organisations’ cyber defence capabilities based connected planetary benchmarks — and recovered U.K. businesses lacking. Image: Microsoft

The exemplary was designed to align with criteria utilized successful planetary benchmarks for establishing beardown cybersecurity measures. Based connected this model, the study recovered that lone a fraction of U.K. organisations could beryllium considered resilient to the evolving threats posed by AI.

Cyber consciousness needs to beryllium dispersed passim organisations

The study besides highlighted a spread successful cybersecurity consciousness among U.K. decision-makers.

Specifically, 27% are unaware of the costs associated with palmy cyberattacks, and 53% are uncertain astir betterment times from specified incidents. This contrasts with a higher level of knowing among information professionals, indicating the value of spreading cybersecurity consciousness passim organisations.

Likewise, the survey highlighted a notable quality of sentiment erstwhile it comes to risks posed by Internet of Things devices: 38% of elder information professionals said they are disquieted astir IoT, compared to 12% of decision-makers. This suggests that improving cognition astir cybersecurity risks and mitigation strategies is captious for organisations, the study said.

A five-step blueprint for amended cybersecurity utilizing AI

The study offered a blueprint for authorities and concern leaders designed to physique resilient cyber defences and usage AI effectively. These are the 5 cardinal steps to usher the improvement of robust protections portion leveraging AI technology:

• Support wide adoption of AI successful cybersecurity: Encourage the accelerated uptake of AI defences and innovative cyber strategies.
• Target investment: Guide organisations towards targeted concern successful AI solutions, either custom-built oregon off-the-shelf.
• Cultivate talent: Leverage skills programs, on-the-job grooming and partnerships to heighten U.K. cybersecurity skills.
• Foster probe and cognition sharing: Invest successful R&D partnerships and beforehand the sharing of insights from cyberattacks for amended preparedness.
• Support simple, harmless adoption: Collaborate with leaders successful assorted sectors to supply clear, standards-aligned guidance for AI deployment.

SEE: UK Deep Tech Faces Major Diversity Challenge, Royal Academy of Engineering Finds

In a property release accompanying the report, Dr. Chris Brauer, manager of Innovation astatine Goldsmiths, said, “The UK has phenomenal imaginable to pb the satellite successful the usage of AI, an unprecedented accidental to supercharge our system and alteration our nationalist services. But that aboriginal indispensable beryllium built connected unafraid foundations.”

He added, “To go an AI superpower, the UK indispensable support its presumption arsenic a cybersecurity superpower. With truthful galore organisations shown to beryllium susceptible to cybercrime, our probe surfaces some the urgency of the issue, and utile actions that leaders tin instrumentality to boost the country’s cyber resilience.”