Cyber-Security Breaches Survey 2018

Over 40 per cent of businesses and nearly 20 per cent of charities reported a cyber-security breach or attack within the last 12 months. 

When such breaches occur, businesses and charities can suffer a variety of problems, including spending huge sums on new cyber-security measures and workers being unable to carry out their daily responsibilities. Looking at the numbers, the average cost of a cyber-security breach for businesses is £3,100 and £1,030 for charities.

Despite the growing presence of cyber-attacks, research shows that businesses and charities still lack the proper measures to stop threats. While almost 75 per cent of businesses and over 50 per cent of charities rank cyber-security as high priority for their organisation, less than 30 per cent of businesses and 20 per cent of charities currently have formal cyber-security policies.

Overall, businesses spent an average of £3580 on cyber security last year. The number greatly increases for medium businesses (£41,600) and large businesses (£149,000). Charities spent an average of £3,600. However, nearly 30% of businesses and 60% of charities spent nothing on cyber security!

Factors related to the likelihood of a breach

  1. Holding personal data on customers, beneficiaries or donors electronically
  2. Using cloud computing (externally hosted web services) to host websites, email or transfer and store data
  3. Allowing employees to use their own devices for work

Most disruptive breaches in the past 12 months

  1. Fraudulent emails or direction to fraudulent websites
  2. Viruses, spyware or malware
  3. Others impersonating an organisation in emails or online
  4. Ransomware

Impact of breaches

  1. Temporary loss of access to files or networks
  2. Software or systems corrupted or damaged
  3. Website or online services being taken down or slowed

Time taken to recover from breaches

The average amount of time organisations spent dealing with their most disruptive breach or attack within the last 12 months:

All businesses –  1 day

Small businesses – 0.9 days

Large businesses – 3.4 days

All charities – 1.1 days

Financial cost of breaches

The average cost of breaches with material outcomes in the past 12 months:

All businesses – £3100

Charities – £1030

Medium businesses – £16,100

Large businesses – £22,300

Steps you can take

  1. Create or update your data and cyber security policies and procedures
  2. Provide additional staff training and communications
  3. Carry out a detailed post-incident review
  4. Create or update backup plans

Even with proper cyber security measures in place, the potential damage a cyber attack can cause your organisation is significant. It is important to provide yourself with peace of mind by purchasing cyber insurance. Contact one of our business insurance experts today for more information.

Source: 2018 Cyber Security Breaches Survey, commissioned by the Department for Digital, Culture, Media & Sport as part of the National Cyber Security Programme.