Figures released by the government have revealed that nearly half (46%) of UK businesses had experienced at least one cybersecurity breach or attack in the past year, with the figure rising to two-thirds among medium and large companies.
Breaches and attacks included fraudulent emails, spyware or malware. On average, the cost of being hit for larger companies was around £20,000, but in some instances this figure went into millions of pounds.
The survey was completed by 1,500 UK businesses along with 30 in-depth interviews.
While many of the companies had basic rudimentary technical controls, only one-third had a formal policy covering cybersecurity risks, with the government warning that a “sizeable proportion” of the businesses still did not have “basic protections” in place. The report claims that attacks could easily have been prevented or dealt with if companies had taken advantage of the government’s own expert guidance.
Only 29% of companies had staff in place to specifically deal with cybersecurity.
The report describes how the threat against UK businesses is growing every day, with companies large and small facing regular attacks that are continually on the rise.
Ciaran Martin, Chief Executive Officer of the National Cyber Security Centre, said: “UK businesses must treat cyber security as a top priority if they want to take advantage of the opportunities offered by the UK’s vibrant digital economy.
“The majority of successful cyber attacks are not that sophisticated but can cause serious commercial damage. By getting the basic defences right, businesses of every size can protect their reputation, finances and operating capabilities.”
The report also revealed that fewer businesses in 2017 consider cybersecurity to be of “very low priority,” with 74% now agreeing that senior management had placed it as a high priority issue.