1 minute read
Cyber Security Breaches Survey
The latest Cyber Security Breaches Survey report has revealed that 31% of micro businesses and 32% of small businesses have identified cyber breaches or attacks in the past 12 months, with phishing making up the majority of these (79-83%)
Advertisement
The Cyber Security Breaches Survey is a research study for UK cyber resilience, aligning with the National Cyber Strategy It is primarily used to inform government policy on cyber security, making the UK cyberspace a secure place to do business. The study explores the policies, processes and approach to cyber security for businesses, charities, and educational institutions. It also considers the different cyber attacks and cyber crimes these organisations face, as well as how these organisations are impacted and respond.
Identification of cyber security breaches and attacks
Cyber security breaches and attacks remain a common threat. However, smaller organisations are identifying them less than last year. This may reflect that senior managers in smaller organisations view cyber security as less of a priority in the current economic climate than in previous years, so are undertaking less monitoring and logging of breaches or attacks
● 32% of businesses and 24% of charities overall recall any breaches or attacks from the last 12 months. This is much higher for medium businesses (59%), large businesses (69%) and high-income charities with £500,000 or more in annual income (56%)
● This is a decrease from 39% of businesses and 30% of charities in 2022 The drop is driven by smaller organisations – the results for medium and large businesses, and high-income charities, remain at similar levels to last year
● Among those identifying any breaches or attacks, we estimate that the single most disruptive breach from the last 12 months cost each business, of any size, an average of approximately £1,100 For medium and large businesses, this was approximately £4,960 For charities, it was approximately £530
● The proportion of micro businesses saying cyber security is a high priority has decreased from 80% in 2022 to 68% this year Qualitative evidence suggests that cyber security has dropped down the priority lists for these smaller organisations, relative to wider economic concerns like inflation and uncertainty.
For more information on phishing and how to defend your organisation, the NCSC has plenty of useful guidance to help
