Half of all firms hit by cyber attack, Government claims

DataIQ News

Businesses large and small are being urged to protect themselves against cyber crime after new Government statistics have revealed that nearly half of all UK businesses suffered a cyber breach or attack in the past 12 months, which Whitehall insists could have been prevented by signing up to the Cyber Essentials scheme.

The Cyber Security Breaches Survey 2017 reveals nearly seven in ten large businesses identified a breach or attack, with the average cost to large businesses of all breaches over the period being £20,000 and in some cases reaching millions.

The survey also shows businesses holding electronic personal data on customers were much more likely to suffer cyber breaches than those that do not (51% compared to 37%).

The most common breaches or attacks were via fraudulent emails, including those which coax staff into revealing passwords or financial information, or opening dangerous attachments - followed by viruses and malware, such as people impersonating the organisation online and ransomware.

Businesses also identified these common breaches as their single most disruptive breach. The Government claims the vast majority of them could have been prevented using its Cyber Essentials scheme, a source of guidance showing how to protect against these threats.

These new statistics show businesses across the UK are being targeted by cyber criminals every day and the scale and size of the threat is growing, which risks damaging profits and customer confidence.

The Government has committed to investing £1.9bn to protect the nation from cyber attacks to help make the UK the safest place to live and do business online.

Of the businesses which identified a breach or attack, almost a quarter had a temporary loss of files, a fifth had software or systems corrupted, one in ten lost access to third party systems they rely on, and one in ten had their website taken down or slowed.

Following a number of high profile cyber attacks, businesses are taking the threat seriously, with three quarters of all firms saying cyber security is a high priority for senior managers and directors; nine in ten businesses regularly update their software and malware protection; and two thirds of businesses invest money in cyber security measures.

Small businesses can also be hit particularly hard by attacks, with nearly one in five taking a day or more to recover from their most disruptive breach, the study claims.

Areas where industry could do more to protect itself include around guidance on acceptably strong passwords (only seven in ten firms currently do this), formal policies on managing cyber security risk (only one third of firms), cyber security training (only one in five firms), and planning for an attack with a cyber security incident management plan (only one in ten firms).

National Cyber Security Centre chief executive Ciaran Martin said: "UK businesses must treat cyber security as a top priority if they want to take advantage of the opportunities offered by the UK's vibrant digital economy.

"The majority of successful cyber attacks are not that sophisticated but can cause serious commercial damage. By getting the basic defences right, businesses of every size can protect their reputation, finances and operating capabilities.

"Cyber Essentials, technical advice on CiSP and regularly updated guidance on the NCSC website offers companies, big and small, simple steps that can significantly reduce the risk of a successful attack."

You have....



to be GDPR compliant.

Register with us for all the news

Sign-up to hear about the latest DataIQ news, content and events.