New statistics from the Department for Digital, Culture, Media and Sport (DCMS) have shown a reduction in the percentage of businesses suffering a cyber breach or attack in the last year.
The 2019 Cyber Security Breaches Survey shows that 32 per cent of businesses identified a cyber security attack in the last 12 months - down from 43 per cent the previous year.
The reduction is partly due to the introduction of tough new data laws under the Data Protection Act and the General Data Protection Regulations (GDPR). Thirty per cent of businesses and 36 per cent of charities have made changes to their cyber security policies and processes as a result of GDPR coming into force in May 2018.
However, of those businesses that did suffer attacks, the typical median number of breaches has risen from four in 2018 to six in 2019. Therefore, businesses and charities suffering cyber attacks and breaches appear to be experiencing more attacks than in previous years.
Where a breach has resulted in a loss of data or assets, the average cost of a cyber attack on a business has gone up by more than £1,000 since 2018 to £4,180. Business leaders are now being urged to do more to protect themselves against cybercrime.
The most common breaches or attacks were phishing emails, followed by instances of others impersonating their organisation online, viruses or other malware including ransomware.
Digital minister Margot James said: “Following the introduction of new data protection laws in the UK it’s encouraging to see that business and charity leaders are taking cyber security more seriously than ever before. However, with less than three in 10 of those companies having trained staff to deal with cyber threats, there’s still a long way to go to make sure that organisations are better protected.
“We know that tackling cyber threats is not always at the top of business and charities list of things to do, but with the rising costs of attacks, it’s not something organisations can choose to ignore any longer.”
Through the CyberFirst programme, the government is working with industry and education to improve cyber security and get more young people interested in taking up a career in cyber. The Cyber Discovery initiative has already encouraged 46,000 14 to 18 year olds to get on a path towards the cyber security profession, over 1,800 students have attended free CyberFirst courses and nearly 12,000 girls have taken part in the CyberFirst Girls competition.
The government’s initial Cyber Skills Strategy, published in December, will be followed by a full strategy later this year.
Business and charity leaders are being encouraged to download the free small business guide and free small charity guide to help make sure that they don’t fall victim to cyber attacks. This is available through the National Cyber Security Centre (NCSC).