New Government statistics show that nearly half of all UK businesses suffered a cyber breach or attack in the past 12 months. The Cyber Security Breaches Survey 2017 reveals that nearly seven in ten large businesses identified a breach or attack with the average cost to large businesses of all breaches over the period being £20,000 and in some cases reaching millions. The survey also shows businesses holding electronic personal data on customers were much more likely to suffer cyber breaches than those that do not (51 percent compared to 37 percent).
The most common breaches or attacks were via phishing and fraudulent emails, followed by viruses and malware.
Other key findings were:
- Of the businesses which identified a breach or attack, almost a quarter had a temporary loss of files, a fifth had software or systems corrupted, one in ten lost access to third party systems they rely on, and one in ten had their website taken down or slowed.
- Firms are increasingly concerned about data protection, with the need to protect customer data cited as the top reason for investing by half of all firms who spend money on cyber security measures.
- Businesses are taking the cyber threat seriously, with three quarters of all firms saying cyber security is a high priority for senior managers and directors; nine in ten businesses regularly update their software and malware protection; and two thirds of businesses invest money in cyber security measures.
- Small businesses are hit particularly hard by attacks, with nearly one in five taking a day or more to recover from their most disruptive breach.
- Areas where industry could do more to protect itself include around guidance on acceptably strong passwords (only seven in ten firms currently do this), formal policies on managing cyber security risk (only one third of firms), cyber security training (only one in five firms), and planning for an attack with a cyber security incident management plan (only one in ten firms).