More than half of IT professionals have suffered a data breach

Although businesses are investing more money into security defences, companies are still failing to protect against more sophisticated breaches such as intellectual property attacks.

A report by McAfee has revealed that almost half of UK employees have experienced a breach while working for their current employer and more than half of workers think it's IT's fault for allowing data leaks to happen.

Of those that identified leaks, 55% of IT professionals think that C-level executives should lose their jobs if the breach is serious, yet stated that they themselves expect leniency if they are found to be at fault in event of a breach.

The research also revealed that concerns are shifting. Although there's no one dominant type of attack occurring in businesses, methods are becoming more advanced and evolving fast.

Database leaks, cloud applications and removable USB drives are the most commonly involved vehicles for security breaches.

Personally identifiable information (PII) breaches are now the most concerning type of breach to IT executives, probably because of the introduction and enforcement of the GDPR last year.

"With the first anniversary of GDPR approaching, IT security professionals are still complaining of the struggle to fully secure and protect their organisations from attacks," said Ed Baker, senior director of EMEA Partners at McAfee.

"Organisations are being targeted with sophisticated, evolving methods, with cybercriminals transitioning from stealing personal data to now targeting intellectual property."

But a shift is happening. IT executives report that they're bumping up their DLP, CASB and endpoint detection spend over the last 12 months, commenting that had these systems been in place previously, they would have a voiced between 65% and 80% of breaches.

"Organisations can mitigate the threat of an attack by the implementation of a holistic cybersecurity strategy. It is crucial that cybersecurity firms and the channel work on a unified front," Baker added.

"The channel has the platform to offer guidance and ensure organisations adopt an integrated approach combining security solutions with employee education to create an overall culture of security and reduce future breaches."