The average cost of cyber crime for medium and small firms was £3,070 and £1,380 respectively, cost still being incurred despite three quarters of firms surveyed indicating the issue is a high priority for senior management.
Led by the National Cyber Security Centre, the government study concluded “virtually all” uk businesses covered by the survey are apposed to cyber security risks.
Ciaran Martin, CEO of the National Cyber Security Centre, said: “The majority of successful cyber attacks are not that sophisticated but can cause serious commercial damage. By getting the basic defences right, businesses of every size can protect their reputation, finances and operating capabilities.”
Firms holding personal data are more lily to be attacked, it was determined, with fraudulent emails, virus and malware the most common attacks being reported.
Steven Malone, director of security product management at Mimecast, noted: “Cyber criminals continue to be incredibly sophisticated at bypassing traditional security measures with email related attacks and as we have seen in our own research.
“Some 64 per cent of businesses experienced a loss because of an email-based impersonation attack last year.”
Average investment in cyber security in last financial year
With nearly half of all UK companies suffering from cyber crime in the last year, the government hopes its Cyber Essentials scheme will be able to provide adequate guidance on protect against threats.
However, some company owners feel more needs to be done to provide adequate assistance. One particular small business said: “There’s some information that comes through from the FCA, but I think it’s quite limited in terms of cyber security. As a regulated firm the FCA is always my first port of call, [but]you’d expect it to be more tailored to the financial industry.”
Theresa May’s administration has committed to investing £1.9bn to protect the UK from cyber crime, in an effort to make it the safest place to live and do business online.
Breaches most commonly resulted in a temporary loss of files (at a quarter), while a fifth and software or systems corrupted. One in ten lost access to third party systems relied upon, and the same amount had a website taken down or slowed.
Research showed that there has been an improvement in updating software to stay ahead of cyber criminals, driven largely by businesses of the micro and small variety.
Stronger passwords, cyber security training and incident management plans were listed by the government as areas where businesses could do much more to protect digital assets.
Ways in which businesses have evaluated cyber security spending
Greg Day, VP and chief security officer for EMEA at Palo Alto Networks on the report, commented: “To prevent successful breaches today and to prepare UK business for significant changes in security regulations in only 12 months’ time, it is vital that we bring leadership teams together.
“There are many simple steps that can be taken, including adding more cyber security talent on boards and efforts to get both sides talking a common language on the issues involved. We’re confident organisations will rise to the challenge but it is vital they take a preventative approach and that some advance their strategies more aggressively than the DCMS report suggests.”
Martin’s warning was simple: “UK businesses must treat cyber security as a top priority if they want to take advantage of the opportunities offered by the UK’s vibrant digital economy.”