Over 40 per cent of businesses and nearly 20 per cent of charities reported a cyber-security breach or attack within the last 12 months.
When such breaches occur, businesses and charities can suffer a variety of problems, including spending huge sums on new cyber-security measures and workers being unable to carry out their daily responsibilities. Looking at the numbers, the average cost of a cyber-security breach for businesses is £3,100 and £1,030 for charities.
Despite the growing presence of cyber-attacks, research shows that businesses and charities still lack the proper measures to stop threats. While almost 75 per cent of businesses and over 50 per cent of charities rank cyber-security as high priority for their organisation, less than 30 per cent of businesses and 20 per cent of charities currently have formal cyber-security policies.
Overall, businesses spent an average of £3580 on cyber security last year. The number greatly increases for medium businesses (£41,600) and large businesses (£149,000). Charities spent an average of £3,600. However, nearly 30% of businesses and 60% of charities spent nothing on cyber security!
Factors related to the likelihood of a breach
- Holding personal data on customers, beneficiaries or donors electronically
- Using cloud computing (externally hosted web services) to host websites, email or transfer and store data
- Allowing employees to use their own devices for work
Most disruptive breaches in the past 12 months
- Fraudulent emails or direction to fraudulent websites
- Viruses, spyware or malware
- Others impersonating an organisation in emails or online
Impact of breaches
- Temporary loss of access to files or networks
- Software or systems corrupted or damaged
- Website or online services being taken down or slowed
Time taken to recover from breaches
The average amount of time organisations spent dealing with their most disruptive breach or attack within the last 12 months:
All businesses – 1 day
Small businesses – 0.9 days
Large businesses – 3.4 days
All charities – 1.1 days
Financial cost of breaches
The average cost of breaches with material outcomes in the past 12 months:
All businesses – £3100
Charities – £1030
Medium businesses – £16,100
Large businesses – £22,300
Steps you can take
- Create or update your data and cyber security policies and procedures
- Provide additional staff training and communications
- Carry out a detailed post-incident review
- Create or update backup plans
Even with proper cyber security measures in place, the potential damage a cyber attack can cause your organisation is significant. It is important to provide yourself with peace of mind by purchasing cyber insurance. Contact one of our business insurance experts today for more information.
Source: 2018 Cyber Security Breaches Survey, commissioned by the Department for Digital, Culture, Media & Sport as part of the National Cyber Security Programme.