British Businesses Must Do More To Protect Themselves

Uploaded on 2024-04-22 in NEWS-Cybersecurity News, FREE TO VIEW

Cyber attacks are increasing, but businesses aren’t helping themselves as half of those in Britain  suffered a cyber attack or security breach in the last 12 months . Indeed, the situation is so bad that the UK Government’s Cyber Security Report 2023, has been criticised for not highlighting how small businesses are failing to respond to the risks of cyber attacks.

The annual Cyber Security Breaches Survey is a research study for UK cyber resilience, aligning with the the National Cyber Strategy.  It is primarily used to inform government policy on cyber security, making the UK cyberspace a secure place to do business.

The study explores the policies, processes and approach to cyber security, for businesses, charities and educational institutions. It also considers the different cyber attacks and cyber crimes these organisations face, as well as how these organisations are impacted and respond,” says the Report.

Dealing With Breaches & Attacks

The Report explores how well businesses and charities deal with breaches or attacks, including identification, response, reporting and adaptation to prevent future cases. In the survey, questions on this topic were  framed in terms of the most disruptive breach or attack an organisation had faced in the last 12 months.

The results of reported in a key section of the report is based on ony the 50% of business and 32% of charities that identified breaches or attacks  rather than the full sample, consequently, the sector and subgroup anaylsis is unliklely to present a full picture. 

Even so, the survey results seem to demonstrate just how poorly British businesses - especially small businesses - are responding to the  challenge of preventing, detecting or responding to data breaches

One section of the survey focuses on how businesses respond to incidents, finding that only a few businesses report a breachand that more than a third (39%) said that no action was taken in response to their most disruptive breach in the last 12 months.
 
Commenting on these finding  Andy Kays, CEO of cyber security firm Socura, who deliver managed services to some of the UK’s biggest brands and  several NHS trusts, “It is incredibly disappointing to see such disregard for cyber security among the UK’s small business community. Despite years of warnings from experts, countless data breach headlines, and increased regulatory action, this issue still isn’t on their radar... Only a fraction of UK businesses have any kind of formalised incident response plan.. Businesses will always have a plan in case of a fire, but will not apply the same due care for a data breach, which is statistically much more likely."

According to Kays,  most businesses’ experience with cyber incidents is limited to phishing attempts, and their default response is to conduct security awareness training if they do anything at all.

“In the event of a breach, businesses are not keeping records, not informing the police or regulators, not assessing the scale and impact of the incident. They are failing to do the bare minimum. It’s also important to note that businesses are doing very little to prevent or detect breaches in the first place." Kays says.

Furthemore, the estimated financial cost of a data breachof just over £1,200 per incident seems low compared to other sources. “We know that large enterprise businesses can lose millions in the event of a data breach due to the disruption, reputational impact and share price drop. The ICO can also impose serious fines to businesses that fall foul of GDPR.” Kays said.

UK Government     |     Socura     |     Tech Radar

Image: Ideogram

You Might Also Read: 

Key Security Risks For Small Businesses:

DIRECTORY OF SUPPLIERS - Incident Response:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Hackers Using YouTube To Deliver Malware
Iranian Hackers Attack US Water Supplies »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Centre for Secure Information Technologies (CSIT)

Centre for Secure Information Technologies (CSIT)

CSIT is a UK Innovation and Knowledge Centre (IKC) for secure information technologies. Our vision is to be a global innovation hub for cyber security.

Foresite

Foresite

Foresite is a global service provider, delivering a range of managed security and consulting solutions.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

National Cyber Summit (NCS)

National Cyber Summit (NCS)

The National Cyber Summit is the preeminent event for cyber training, education and workforce development aimed at protecting our nation's infrastructure from the ever-evolving cyber threat.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

AUTOCRYPT

AUTOCRYPT

AUTOCRYPT is a mobility security provider dedicated to the safety of future transportation

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

AB Handshake

AB Handshake

AB Handshake offers a game-changing solution for telecom service providers that eliminates fraud on inbound and outbound voice traffic.

Sify Technologies

Sify Technologies

Sify is the largest ICT service provider, systems integrator, and all-in-one network solutions company on the Indian subcontinent.

Antigen Security

Antigen Security

Antigen Security is a Digital Forensics, Incident Response and Recovery Engineering firm helping businesses and service providers prepare for, respond to, and recover from cyber threats.

Vancord

Vancord

Vancord is an information and security technology company that works in collaboration with clients to support their infrastructure and data security needs for today and tomorrow.

CSIR Information & Cybersecurity Research Centre

CSIR Information & Cybersecurity Research Centre

The CSIR Information & Cybersecurity Research Centre focuses on research, development, and innovation of home-grown cyber and information security.

CodeLock

CodeLock

Codelock is a patent-pending solution that continuously provides software security at the code level, while providing advanced management insights with performance metrics and data analytics.

Centre for Cyber Security Research & Innovation

Centre for Cyber Security Research & Innovation

The Centre for Cyber Security Research & Innovation is Nepal's First Academic Research Institute to focus on understanding the overall Information Security of Nepalese Organizations.

Attestiv

Attestiv

Attestiv puts authenticity into photos, videos and documents by utilizing advanced technologies in AI and tamper-proofing.

TeamT5

TeamT5

TeamT5 Inc. is a leading cybersecurity company dedicated to cyber threat research and solutions.