Think twice before cutting cybersecurity spend

October 3, 2023

Supply chain issues and other adverse factors affecting the UK logistics industry are well documented: driver shortages, fuel prices and the costs of environmental compliance are perhaps the most obvious. They came into sharp focus during the summer when major operator Tuffnells fell into administration, specifically citing inflationary pressures and tougher competition.

The collapse in recent days of Kettering’s KNP Logistics, with the loss of 730 jobs, is rather different, however. The company suffered a major cyber-attack in June – after which it struggled to find further investment to get back on track and survive an already challenging environment.

Last year UK businesses experienced approximately 2.39 million instances of cybercrime, and around 49,000 instances of fraud resulting from cybercrime, according to government estimates. Ransomware attacks have risen by 87% in the UK during the first half of 2023 compared to the latter half of 2022, while global rates have risen by 37% over the same period.

Desperate times inevitably lead to desperate behaviours in business, not only from seasoned criminals sensing an opportunity in economic turbulence, but also from newcomers to white collar crime who have no other means of accessing large funds quickly. In an increasingly digital world, the threat from external fraudsters to all sizes of businesses has never been greater – and this has been amplified by home working and disjointed office environments since the pandemic: it is increasingly common for frauds to be committed by employees with technological help from outsiders.

In ransomware attacks similar to that suffered by KNP, criminals are not only asking for a ransom to be a paid but potentially then stealing and releasing hacked data; an entire new sector of cyber ransom negotiators is developing. The large scale exploitation of software vulnerabilities is arguably the most obvious factor accelerating ransomware attacks in 2023. Several ‘cracks’ discovered in widely used platforms have contributed to rising attack figures.

Investment by enterprises, even at the lower end of the SME band, has been heavy, although it has been hard to sustain amid pressures on day-to-day revenues. Companies cutting cybersecurity investment – tempting when reviewing heavy areas of spending –  do so at their peril. Like marketing spend, the value isn’t always immediately visible. Before wielding the axe, managers should consider their business’s dependency on its digital infrastructure.

Business owners in a position to invest and explore the potential for cost-effective digitisation must consider ransomware very seriously. Those handling third-party data risk serious reputational damage, with customers happy to move to companies which they believe are better able to handle their information in a safe and secure way.

Written by Anoushka Desai, Analyst at Buchler Phillips, a UK based independent boutique firm with an impeccable Mayfair heritage, specialising in corporate recovery, turnaround, restructuring and insolvency.

How can we help you?

We offer initial free confidential advice without obligation.