Ministers have called on businesses to take further action to protect themselves against cyber crime despite a government survey showing that the percentage of UK businesses experiencing cyber security breaches fell to just under a third (32 per cent) from 43 per cent last year.

The results of the Department for Culture Media and Sport’s annual cyber crime survey revealed that moves from UK businesses and charities to upgrade their defences following the introduction of tough new laws have driven down the overall number of reported breaches in 2019.

Overall, 30 per cent of businesses and 36 per cent of charities have improved their cyber security policies to comply with the General Data Protection Regulations (GDPR) since its implementation in May last year.

However, despite the 11 per cent reduction in reported breaches, the survey found a less encouraging picture for those businesses were most vulnerable to attack, with the typical median number of breaches rising to six, up from four in 2018.

Nearly half (48 per cent) of businesses and 39 per cent of charities which were breached or attacked identified at least one breach or attack every month. Where a breach resulted in a loss of data or assets, the average cost of a cyber attack on a business rose to £4,180 – up by more than £1,000 since 2018.

The most common breaches or attacks were phishing emails, followed by instances of others impersonating their organisation online, viruses or other malware including ransomware.

Research carried out by progressive technology provider Evaris into the survey found that smaller businesses were more at risk to cyberattacks than larger firms, with 31 per cent of micro and small businesses identifying breaches in 2018-2019 (this figure was 42 per cent in 2017-2018), compared to 60 per cent of medium-sized firms and 61 per cent of large companies.

However, the average annual cost for medium firms was £9,270 and £22,700 for large companies, Evaris said. Among those that identified cyber attacks, 25 per cent of medium firms and 20 per cent of large firms have these at least once a week.

Responding to the survey, digital minister Margot James said it was “encouraging” to see that business and charity leaders were taking cyber security “more seriously”.

However, she added that with less than three in 10 of companies having trained staff to deal with cyber threats, there was “still a long way to go” to make sure that organisations are better protected.

Clare Gardiner, director of engagement at the National Cyber Security Centre, said: “The cyber security landscape remains complex and continues to evolve, and organisations need to continue to be vigilant.”

Share Story: