Security awareness vendor KnowBe4 has released the findings of The 2020 What Keeps You Up at Night Report, which delves into the issues that specifically trouble U.K.-based organizations and IT experts.

This includes attack types, security initiatives as well as organizational constraints. Moreover, an in-depth analysis examines just how prepared these organizations are in managing such cyber threats, risks and concerns.

The report compiled information gathered from interviews with nearly 200 organizations across 12 different industries in the U.K.

It was found that, despite feeling confident in their organization's security posture, many respondents, somewhat contradictorily, continued to express significant concerns.

“Indeed, an overwhelming majority (96%) of respondents believe that their organizations have either a 'proactive' or 'mature' security strategy in place,” KnowBe4 said in a release. “An additional 71% believe that their organization has a well-established security culture or that their employees have adopted good cybersecurity behaviours. Yet, 48% of organizations were still concerned to some degree towards at least one of the security issues raised.”

Key findings include:

  • The 'untrained or malicious user' is the single greatest factor in determining "up at night" levels of stress, increasing concerns over cyber attacks an average of 125%
  • Three-quarters (75%) of U.K. organizations express concerns overshadow apps and devices
  • Ensuring security measures meet compliance requirements continues to be a challenge for 48% of organizations
  • Almost two-thirds (63%) of organizations are concerned about having adequate budget to cover the costs of proper IT staffing, to implement solutions and to maintain relationships with key vendors
  • Almost seven out of 10 (69%) of respondents are worried about credential compromise to some degree, ranking it as the top attack concern.

"When it comes to cybersecurity, it can often feel like a game of moving one step forward only to find that you have moved two steps back,” said Javvad Malik, security awareness advocate at KnowBe4.

“Cyber criminals are relentless in their efforts, adapting and altering their strategies for maximum, personal gain. This report clearly demonstrates the many causes of concern, but more importantly, it's a reminder that no organization can afford to fall complacent; whether in implementing security policies or building a security culture."

The full report can be viewed here:

Paul Barker