NCSC Cyber Security Breaches Survey 2022

The Cyber Security Breaches Survey is an influential research study for Britain's cyber resilience, aligning with the National Cyber Strategy. 

Now in its sixth consecutive year, the cyber security breaches survey is a government research study for UK cyber resilience. 

The study explores the policies, processes, and approaches to cyber security for businesses, charities, and educational institutions. 

It also considers the different cyber attacks these organisations face, as well as how these organisations are impacted and respond.

Cyber Attacks

The survey results show that in the last 12 months, 39% of UK businesses identified a cyber attack, remaining consistent with previous years of the survey.  However, we also find that enhanced cyber security leads to higher identification of attacks, suggesting that less cyber mature organisations in this space may be under reporting.

Proportion of UK businesses identifying cyber attacks each year
2017    2018    2019    2020    2021    2022
  
46%      43%       32%       46%      39%       39%

Attack Type

Of the 39% of UK businesses who identified an attack, the most common threat vector was phishing attempts (83%). Of the 39%, around one in five (21%) identified a more sophisticated attack type such as a denial of service, malware, or ransomware attack. Despite its low prevalence, organisations cited ransomware as a major threat, with 56% of businesses having a policy not to pay ransoms.

Frequency & Impact

Within the group of organisations reporting cyber attacks, 31% of businesses and 26% of charities estimate they were attacked at least once a week. One in five businesses (20%) and charities (19%) say they experienced a negative outcome as a direct consequence of a cyber attack, while one third of businesses (35%) and almost four in ten charities (38%) experienced at least one negative impact.

Cost Of Attacks

Looking at organisations reporting a material outcome, such as loss of money or data, gives an average estimated cost of all cyber attacks in the last 12 months of £4,200. Considering only medium and large businesses; the figure rises to £19,400. We acknowledge the lack of framework for financial impacts of cyber attacks may lead to underreporting.

Cyber Hygiene

The NCSC guidance 10 Steps to Cyber Security breaks down the task of protecting an organisation into 10 key components.  The survey finds 49% of businesses and 40% of charities have acted in at least five of these 10 areas. In particular, access management surveyed most favourably, while supply chain security was the least favourable.

Board Engagement

Around four in five (82%) of boards or senior management within UK businesses rate cyber security as a ‘very high’ or ‘fairly high’ priority, an increase on 77% in 2021. 72% in charities rate cyber security as a ‘very high’ or ‘fairly high’ priority. Additionally, 50% of businesses and 42% of charities say they update the board on cyber security matters at least quarterly.

Size Differential

Larger organisations are correlated throughout the survey with enhanced cyber security, likely as a consequence of increased funding and expertise. For large businesses’ cyber security; 80% update the board at least quarterly, 63% conducted a risk assessment, and 61% carried out staff training; compared with 50%, 33% and 17% respectively for all businesses.

Risk Management

Just over half of businesses (54%) have acted in the past 12 months to identify cyber security risks, including a range of actions, where security monitoring tools (35%) were the most common. Qualitative interviews however found that limited board understanding meant the risk was often passed on to; outsourced cyber providers, insurance companies, or an internal cyber colleague.

Proportion of UK businesses acting to identify cyber risks each year
2017    2018    2019    2020    2021    2022
  57%      56%     62%      64%      52%       54%

Out-Sourcing & Supply Chain

Small, medium, and large businesses outsource their IT and cyber security to an external supplier 58%, 55%, and 60% of the time respectively, with organisations citing access to greater expertise, resources, and standard for cyber security. 

Consequently, only 13% of businesses assessed the risks posed by their immediate suppliers, with organisations saying that cyber security was not an important factor in the procurement process.

Incident Management

Incident management policy is limited with only 19% of businesses having a formal incident response plan, while 39% have assigned roles should an incident occur. In contrast, businesses show a clear reactive approach when breaches occur, with 84% of businesses saying they would inform the board, while 73% would make an assessment of the attack.

External Engagement

Outside of working with external cyber security providers, organisations most keenly engage with insurers, where 43% of businesses have an insurance policy that cover cyber risks. On the other hand, only 6% of businesses have the Cyber Essentials certification and 1% have Cyber Essentials plus, which is largely due to relatively low awareness.

NCSC:    Gov.UK:    Gov.UK:   Gov.UK:   Law Society:    IPSOS:     DAC Beechcroft

You Might Also Read: 

Over 40% Of UK Organisations Reported To ICO Since GDPR:

 

« British Parliament Shuts Down Its TikTok Account
Why You Must Report A Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

Igloo Security

Igloo Security

Igloo Security is a leader and pioneer in SIEM (Security Information & Event Management), PSIM (Physical Security Information Management) and MSS (Managed Security Services).

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

Cyber Security Centre - Daffodil International University

Cyber Security Centre - Daffodil International University

Cyber Security Centre, DIU is a non-profitable organization which is focused on applied research in cyber security.

DigiByte (DGB)

DigiByte (DGB)

DigiByte (DGB) is a rapidly growing global blockchain with a focus on cybersecurity for digital payments & decentralized applications.

Reed

Reed

reed.co.uk is a leading job site in the UK, providing a full online service for anyone looking for a new job.

Digital Fingerprints

Digital Fingerprints

Digital Fingerprints provides continuous authentication with behavioural biometrics. Protection against account takeover and session takeover. Compliant with GDPR and PSD2.

Nominet

Nominet

Nominet's cyber division offers network detection and response services to governments and enterprises worldwide.

StickmanCyber

StickmanCyber

At StickmanCyber we are on a mission to create a digital world that is safe for everyone - we are your trusted cybersecurity partner.

Cynomi

Cynomi

Cynomi is a leading strategic cybersecurity operations platform that automates cybersecurity knowledge and expertise to empower teams with little to no in-house expertise.

HarfangLab

HarfangLab

HarfangLab develops a hunting software to boost detection and neutralization of cyberattacks against companies endpoints.

Network Perception

Network Perception

Network Perception proactively and continuously assures the security of critical OT assets with intuitive network segmentation verification and visualization.

AVEVA

AVEVA

AVEVA has a long history in providing Supervisory Control and Data Acquisition software for meeting complex and evolving automation requirements.

MajorKey Technologies

MajorKey Technologies

MajorKey improves security performance by reducing user friction and business risk, empowering your people, and protecting your IP.

OneCollab

OneCollab

OneCollab, your unwavering ally in the dynamic landscape of IT services and cybersecurity.

nandin Innovation Centre

nandin Innovation Centre

nandin is ANSTO’s Innovation Centre (Australian Nuclear Science and Technology Organisation) where science and technology entrepreneurs, startups and graduates come together.