28/04/2017

Businesses must treat cyber security as a ‘top priority’, urged the head of the National Cyber Security Centre after the government’s first cyber security survey revealed almost half of UK businesses suffered a cyber breach or attack during the past 12 months and confirmed the threat from cyber criminals is growing.

‘Cyber Security Breaches Survey 2017’* reported that nearly 7 out of 10 large firms were victims, with the cost of all breaches suffered by firms over the period averaging £20,000, although in some cases it reached millions. Small businesses were also hit particularly hard, with 1 in 5 taking a day or more to recover from their most disruptive breaches.

Of the businesses that identified a breach or attack

• almost 25% had a temporary loss of files
• 20% had software or systems corrupted
• 10% lost access to 3rd party systems
• 10% had their website taken down or slowed

Other key findings include

• firms that held electronic personal data ** were 51% more likely to be attacked, compared to 37% of those that didn’t
• fraudulent emails, followed by viruses and malware, were the most common – and most disruptive – attacks
• 75% of firms now say cyber security is a priority

The vast majority of breaches could have been prevented, says the NCSC, by accessing expert guidance through the Cyber Essentials Scheme.

* The survey, which includes case studies and infographics, is part of the 5-year National Cyber Security Strategy to protect the UK online.

** All businesses which hold personal data will have to comply with stricter security provisions in the new General Data Protection Regulation from May 2018.