The average cost of the most severe online security breaches for big businesses now starts at £1.46 million: up from £600,000 in 2014, according to the UK government’s annual Information Security Breaches Survey.
The Information Security Breaches Survey 2015, published by Digital Economy Minister Ed Vaizey and launched at the Infosecurity Europe event, shows the rising costs of malicious software attacks and staff-related breaches and illustrates the need for companies to take action.
For small and medium sized businesses (SMEs), the most severe breaches cost can now reach as high as £310,800, up from £115,000 in 2014, however, more firms are taking action to tackle the cyber threat, with a third of organizations now using the government’s ‘Ten Steps to Cyber Security’ guidance, up from a quarter in 2014. And nearly half (49 percent) of all organizations have achieved a ‘Cyber Essentials’ badge to protect themselves from common internet threats, or plan to get one in the next year.
The survey shows:
- 90 percent of large organizations reported they had suffered an information security breach, while 74 percent of small and medium-sized businesses reported the same.
- For companies with more than 500 employees the average cost of the most severe breach is now between £1.46 million and £3.14 million.
- For small and medium sized business the average cost of the worst breach is between £75,000 and £310,800.
- Attacks from outsiders have become a greater threat for both small and large businesses.
- 75 percent of large businesses and 30 percent of small business suffered insider (staff-related) breaches.
The Information Security Breaches Survey is conducted for the government by PwC.