Majority of UK businesses have suffered a cyber security breach in the last year

cyber security

New Government statistics have revealed half of UK businesses suffered a cyber security breach or attack in the last 12 months; rising to two-thirds among medium sized businesses and large businesses.

In fact, the ‘Cyber Security Breaches Survey, 2017’ has claimed nearly 7 in 10 businesses have identified a breach on some level. Firms holding personal data are more likely to face an attack, compared to 37 per cent of businesses who do not hold personal data.

Discovering what the most common attacks experienced by businesses are, Reboot found that fraudulent emails was the highest, followed by viruses, spyware and malware. A further quarter suffered temporary loss of files, whilst one fifth had software or systems corrupted. 1 in 10 lost access to third party systems they rely on, and 1 in 10 had their website taken down or significantly slowed.

Subsequently, three in five businesses have sought information, advice or guidance on the cyber security threats facing their organisations over the past year.

Ciaran Martin, CEO of the National Cyber Security Centre adds: “Most successful cyber-attacks are not that sophisticated, but can cause serious commercial damage. By getting the basic defences right, businesses of every size can protect their reputation, finances and operating capabilities.”

Per research carried out by PwC, 76 per cent of UK CEO’s believe cyber risks to be a significant threat to business in 2017. Consequently, 97 per cent of British CEO’s are currently addressing possible cyber breaches in their organisation; far higher than the global average figure of 90 per cent.

The findings – based on a research sample of 1,379 global leaders, including 126 UK CEO’s – show UK leaders are significantly more concerned about cyber threats than many of their global peers, who do not consider cyber security breaches to be a heightened threat to business.

Richard Home, UK cyber security partner at PwC comments: “Most business boards now recognise that cyber security is a complex risk that requires their attention. The most successful leaders will be those who define a comprehensive, broad approach to governing cyber security.”

Over the past year, 67 per cent of businesses have spent money on cyber security; which tends to be far higher among medium firms and large firms.

Sectors such as information, communications and utilities are spending the most on cyber security protection at a cost of £19,500. Finance and insurance come second with an investment of £9,650. At the end of the spectrum is hospitality and food, with a spend of just £620.

Interesting to note, that education, health and social care – has the 2nd lowest spend for cyber security (£1,810), which is concerning considering this industry is data heavy and must do more to safeguard personal data.

Understandably, it seems businesses are most concerned with the protection of customer data and the loss of high-value assets, such as trade secrets, intellectual property and cash. The prevention of fraud or theft and the protection of reputation or brand were comparatively lower.

Areas of least concern were complying with laws and regulations, the protection of staff and systems and improving overall efficiency of the business, indicating a definite disparity between business factors and how much each means to – or may cost – a company to rectify.