In 2020 40% Of UK Businesses Suffered A Cyber Attack

Uploaded on 2021-03-31 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

The UK’s Cyber Security Breaches Survey 2021 says the cyber risk to organisations is heightened because of the pandemic, which has made securing digital environments more challenging as organisational resources are diverted to facilitating home working for staff. 

Two in five businesses (39 per cent) and a quarter of charities (26 per cent) report having cyber security breaches or attacks in the last 12 months.

The government is now encouraging businesses, charities and educational institutions to follow the free help and guidance from the UK cyber security experts at the National Cyber Security Centre (NCSC). 

Digital Infrastructure Minister Matt Warman said: “The pandemic has taken an unavoidable toll on British businesses but we cannot let it disrupt our high cyber security standards”. With more people working remotely it is vital firms have the right protections in place, and I urge all organisations to follow the National Cyber Security Centre’s expert guidance so we can build back better and drive a new era of digital growth.

The new data shows fewer businesses are using security monitoring tools to identify abnormal activity which could indicate a breach - suggesting firms are less aware than before of the breaches and attacks staff are facing. The figure has dropped five per cent since last year to one in three firms (35 per cent). Only 83 per cent of businesses have up-to-date anti-virus software - also down five per cent from the previous year.

The most common breaches or attacks were phishing emails, followed by instances of others impersonating their organisation online, viruses or other malware including ransomware.

Where a breach has resulted in a loss of data or assets, the average cost of a cyber attack on a business is £8,460. This figure rises to £13,400 for medium and large businesses. The figures also reveal nearly half of businesses (47 per cent) have staff using personal devices for work, but only 18 per cent have a cyber security policy on how to use those personal devices at work. Less than a quarter of businesses (23 per cent) have a cyber security policy covering home working.

Despite the challenges of the pandemic, cyber security remains a high priority for business leaders. More than three quarters (77 per cent) of businesses say cyber security is a high priority - up 12 per cent from the 2016 report.

The UK government is investing £1.9 billion in the National Cyber Security Strategy over five years to support a prosperous digital economy. This includes delivering a programme to improve businesses cyber resilience, set high industry standards and provide organisations with expert advice and guidance. 

Rashid Ali, Enterprise Solutions Manager at access management software firm WALLIX told Cyber Security Intelligence: “The findings of latest cyber report from the UK government do not come as a surprise, but they should act as a stark reminder that organisations need to bolster and re-evaluate their cyber security strategy..... The pandemic and the rapid move towards remote working has certainly posed new challenges, but businesses need to ensure they have the right cyber security policies and tools in place to enable and protect today’s workforce"

Many organisations are no longer working in a traditional office or IT environment. It is essential that businesses take steps to evolve their security strategy as there has never been a greater need for strong and secure access. 

"Cyber threats are not set to go away anytime soon. Implementing adequate security measures that meet modern IT needs is a necessity in a world where new threats are awaiting to disrupt organisations" Rashid Ali added.

The review sets out the UK’s position as a responsible and democratic cyber power and announced a commitment to publish a new National Cyber Strategy later this year. The strategy will set out how the UK intends to build a more resilient digital nation and realise the benefits that cyberspace can bring.

GovUK:      Wallix

You Might Also Read: 

Directors Must Understand Their Organisation’s Cyber Risks:

 

 

« Webinar: Building A Security Observability Strategy In AWS
How Has A Year Of Pandemic Changed Cyber Security? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IX Associates

IX Associates

IX Associates is a UK based IT Integration business specialising in risk, compliance, eDefence, and network security solutions.

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

Wavestone

Wavestone

Wavestone is a strategy and technology consulting company with areas of expertise including digital transformation and cybersecurity.

Deductive Labs

Deductive Labs

Deductive Labs consulting services help customers with their technology, security and automation challenges.

MIT Internet Policy Research Initiative (IPRI)

MIT Internet Policy Research Initiative (IPRI)

IPRI's mission is to work with policy makers and technologists to increase the trustworthiness and effectiveness of interconnected digital systems

Japan Information Security Audit Association (JASA)

Japan Information Security Audit Association (JASA)

JASA is non-profit association active in developing and managing the quality of Information Security Auditing and Auditors in Japan.

National Authority for Electronic Certification and Cyber Security (AKCESK) - Albania

National Authority for Electronic Certification and Cyber Security (AKCESK) - Albania

AKCESK ensures security for trusted services, in particular reliability and security in electronic transactions between citizens, businesses and public authorities.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

The main objective of the Hub is to bring cybersecurity and other advanced technologies closer to companies and as a result help to increase their performance as Industry 4.0.

The ai Corporation

The ai Corporation

The ai Enterprise Fraud Solution is an on-prem or cloud-based self-service, machine learning fraud detection and prevention tool set.

eResilience

eResilience

eResilience is a division of Referentia Systems, a pioneer in an ultra-secure information safeguarding technique known as “Enclaving”, in which data can be segmented and protected within a network.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

SAFECode

SAFECode

SAFECode is a global industry forum where business leaders and technical experts come together to exchange insights on creating, improving, and promoting effective software security programs.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.

CloudBees

CloudBees

CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.

Stern Cybersecurity

Stern Cybersecurity

Stern Cybersecurity offers a robust defense against the ever-evolving landscape of digital threats.