Sometimes it comes down to a simple lack of awareness or a refocusing on priorities away from "things that will never happen." Except when it they can, and do.
According to the latest research by the U.K.'s Institution of Engineering and Technology (IET), cybersecurity threats only rank as high priority among a small number of organizations with small to medium-sized enterprises (SME).
From the research, surveying 250 SME organizations:
One of the reasons for all of this is resource management, or lack thereof. Many firms are unable to grasp the fact that some cyberthreats exist today, and that future threats "will come from currently known threats."
While the vast majority knew about malware, many didn't know other key hacking techniques, not limited to hacktivism, denial-of-service attacks, and spear phishing.
IET's Hugh Boyes said the organization is "working to raise awareness among the UK engineering and technology community of the need to improve the cyber security of both our critical national infrastructure and all the technology we use," amid an increasing number of cyberthreats on a daily basis.
Cybersecurity remains high on the agenda, not just in the U.K. but also further afield.
The U.S. government in the past year banished Chinese network equipment makers Huawei and ZTE from the country. And in recent weeks, a spate of attacks have seen economic aftershocks after high-profile Twitter accounts were targeted by electronic freedom fighters.
The U.S. responded by creating the Cyber Intelligence Sharing and Protection Act (CISPA) in the lower House chamber, but it was shelved for a second time once it reached the higher Senate chamber.
In the meantime, while the U.K. government has yet to create a similar privacy infringing bill like CISPA, it continues to push for the "snoopers' charter." The bill likely won't pass through Parliament, as U.K. Deputy Prime Minister Nick Clegg pulled his party's support for the bill.