You are here

Cyber Aware Blog

< Back to all posts

Two thirds of large UK businesses hit by cyber attack in past year

28th June 2016 | Cyber Aware
Two thirds of large UK businesses hit by cyber attack in past year

New research from the Department for Culture, Media and Sport (DCMS) shows that two thirds (65%) of large UK businesses were hit by a cyber breach or attack in the past year.  The Cyber Security Breaches Survey (opens new window) found that while one in four large firms experiencing a breach did so at least once a month, only half of all firms have taken any recommended actions to identify and address vulnerabilities. Even fewer, about a third of all firms, had formal written cyber security policies and only 10% had an incident management plan in place.

The research also shows that 1 in 4 (24%) of all companies experienced a breach, and in some cases the cost of cyber breaches and attacks to business reached millions. The most common attacks (68%) detected involved viruses, spyware or malware which could have been prevented using the Government’s Cyber Essentials (opens new window) scheme or following the advice provided through Cyber Streetwise (opens new window) to keep software and security up to date.

Minister for the Digital Economy at DCMS, Ed Vaizey, said “the UK is a world-leading digital economy and this Government has made cyber security a top priority. Too many firms are losing money, data and consumer confidence with the vast number of cyber attacks. It’s absolutely crucial businesses are secure and can protect data. As a minimum companies should take action by adopting the Cyber Essentials scheme which will help them protect themselves.”

DCMS has also published the Government’s Cyber Governance Health Check (opens new window), which was launched following the TalkTalk cyber attack. It found almost half of the top FTSE 350 businesses regarded cyber attacks as the biggest threat to their business when compared with other key risks - up from 29 per cent in 2014. The Cyber Health Check (opens new window) also found that:

●only a third of the UK’s top 350 businesses understand the threat of a cyber attack; 

●only a fifth of businesses have a clear view of the dangers of sharing information with third parties;

●many firms are, however, getting better at managing cyber risks, with almost two thirds now setting out their approach to cyber security in their annual report.

The research is part of the Government’s rigorous approach to tackling cyber crime, which will see £1.9 billion invested over the next five years.

All firms operating online are encouraged to take action: the 10 Steps to Cyber Security (opens new window) provides advice to large businesses, Cyber Streetwise (opens new window) offers advice to small businesses and the Cyber Essentials (opens new window) scheme shows all firms how to protect against the most common cyber attacks. The Government is also creating a new National Cyber Security Centre (opens new window) offering industry a ‘one-stop-shop’ for cyber security support. The new centre will launch in the autumn.

A new national cyber security strategy will also be published later in 2016 setting out the Government’s plans to improve cyber security for Government, businesses and consumers.