In 2020 40% Of UK Businesses Suffered A Cyber Attack

The UK’s Cyber Security Breaches Survey 2021 says the cyber risk to organisations is heightened because of the pandemic, which has made securing digital environments more challenging as organisational resources are diverted to facilitating home working for staff. 

Two in five businesses (39 per cent) and a quarter of charities (26 per cent) report having cyber security breaches or attacks in the last 12 months.

The government is now encouraging businesses, charities and educational institutions to follow the free help and guidance from the UK cyber security experts at the National Cyber Security Centre (NCSC). 

Digital Infrastructure Minister Matt Warman said: “The pandemic has taken an unavoidable toll on British businesses but we cannot let it disrupt our high cyber security standards”. With more people working remotely it is vital firms have the right protections in place, and I urge all organisations to follow the National Cyber Security Centre’s expert guidance so we can build back better and drive a new era of digital growth.

The new data shows fewer businesses are using security monitoring tools to identify abnormal activity which could indicate a breach - suggesting firms are less aware than before of the breaches and attacks staff are facing. The figure has dropped five per cent since last year to one in three firms (35 per cent). Only 83 per cent of businesses have up-to-date anti-virus software - also down five per cent from the previous year.

The most common breaches or attacks were phishing emails, followed by instances of others impersonating their organisation online, viruses or other malware including ransomware.

Where a breach has resulted in a loss of data or assets, the average cost of a cyber attack on a business is £8,460. This figure rises to £13,400 for medium and large businesses. The figures also reveal nearly half of businesses (47 per cent) have staff using personal devices for work, but only 18 per cent have a cyber security policy on how to use those personal devices at work. Less than a quarter of businesses (23 per cent) have a cyber security policy covering home working.

Despite the challenges of the pandemic, cyber security remains a high priority for business leaders. More than three quarters (77 per cent) of businesses say cyber security is a high priority - up 12 per cent from the 2016 report.

The UK government is investing £1.9 billion in the National Cyber Security Strategy over five years to support a prosperous digital economy. This includes delivering a programme to improve businesses cyber resilience, set high industry standards and provide organisations with expert advice and guidance. 

Rashid Ali, Enterprise Solutions Manager at access management software firm WALLIX told Cyber Security Intelligence: “The findings of latest cyber report from the UK government do not come as a surprise, but they should act as a stark reminder that organisations need to bolster and re-evaluate their cyber security strategy..... The pandemic and the rapid move towards remote working has certainly posed new challenges, but businesses need to ensure they have the right cyber security policies and tools in place to enable and protect today’s workforce"

Many organisations are no longer working in a traditional office or IT environment. It is essential that businesses take steps to evolve their security strategy as there has never been a greater need for strong and secure access. 

"Cyber threats are not set to go away anytime soon. Implementing adequate security measures that meet modern IT needs is a necessity in a world where new threats are awaiting to disrupt organisations" Rashid Ali added.

The review sets out the UK’s position as a responsible and democratic cyber power and announced a commitment to publish a new National Cyber Strategy later this year. The strategy will set out how the UK intends to build a more resilient digital nation and realise the benefits that cyberspace can bring.

GovUK:      Wallix

You Might Also Read: 

Directors Must Understand Their Organisation’s Cyber Risks:

 

 

« Webinar: Building A Security Observability Strategy In AWS
How Has A Year Of Pandemic Changed Cyber Security? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

DANAK

DANAK

DANAK is the national accreditation body for Denmark. The directory of members provides details of organisations offering certification services for ISO 27001.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

Responsible Cyber

Responsible Cyber

Protect yourself with Responsible Cyber’s 360° platform, IMMUNE, arming you with comprehensive support for your business.

MazeBolt Technologies

MazeBolt Technologies

Israel-based MazeBolt is an innovation leader in cybersecurity, with over two decades of experience in pioneering DDoS protection solutions.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

Aryaka

Aryaka

Aryaka’s SmartServices offer connectivity, application acceleration, security, cloud networking and insights leveraging global orchestration and provisioning.

Stripe OLT

Stripe OLT

At Stripe OLT, we provide complete business technology solutions - Our team has an unrivalled reputation as a Microsoft Gold Partner, specialising in secure, cloud-first technology.

Dataships

Dataships

We help companies automate their privacy compliance while building healthy, transparent data relationships with their customers.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

OneZero Solutions

OneZero Solutions

OneZero specialize in cybersecurity operations, information assurance, computer network operations, solutions engineering, and project management.

Systal Technology Solutions

Systal Technology Solutions

Systal is a global managed network and security service and transformation specialist. We help enterprise-level businesses maximise the security and business value of their complex IT infrastructure.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.