Around a third (31%) of businesses experience cyber-attacks or breaches at least once a week, according to new figures published in the UK government’s Cyber Security Breaches Survey 2022 report.
Over a quarter (26%) of charities also reported being hit by attacks at least once a week, and the government is urging all organizations to strengthen their cybersecurity practices in response to the growing threat landscape.
The annual survey of UK businesses, charities, and educational institutions found that around two in five (39%) companies and roughly a third (30%) of charities experienced breaches or attacks in the past 12 months. This is a similar proportion to that reported in last year’s survey. One in five businesses (20%) and charities (19%) admitted they experienced a negative outcome as a direct consequence of a cyber-attack.
Of the 39% of businesses that identified attacks, by far the most common threat vector was phishing (83%). Around one in five (21%) of these firms identified more sophisticated attack types like denial of service, malware, or ransomware.
The average estimated cost of all cyber-attacks was £4200 in the past 12 months. However, for medium and large firms, this cost surged to £19,400.
Encouragingly, the report revealed that UK organizations are placing increased attention on the security of supply chains and digital services following numerous high-profile incidents in the past year, such as the Kaseya and Colonial Pipeline attacks. For example, 82% of senior managers now view cybersecurity as a ‘very high’ or ‘fairly high’ priority, significantly up from 77% in 2021.
However, while two in five (40%) of businesses and a third (32%) of charities use at least one managed service provider, just 13% of companies reviewed the risks posed by immediate suppliers.
The report also found that under a fifth (19%) of businesses have a formal incident response plan, while 39% have assigned roles should an incident occur. Read more:https://bit.ly/3IV8jqe