Cyber hits home for half of UK businesses last year

April 10, 2024



TLDR:

Half of UK businesses and a third of charities reported cyber incidents in the last year, with phishing being the most common attack method. Large businesses were most affected. Many organizations were able to restore operations within 24 hours, but some suffered negative outcomes. The financial costs of breaches varied by business size. A significant portion of businesses were impacted in various ways, including added staff time and new security measures.

Article Summary:

According to the UK Government’s Cyber Security Breaches Survey 2024, half of UK businesses and a third of charities experienced a cyber incident or data breach in the past year, with phishing being the primary attack method. Large businesses were the most affected, followed by medium-sized and small businesses. The majority of organizations were able to restore their operations within 24 hours of the incident, but some reported negative outcomes such as website downtime and financial loss.

The study also revealed the financial costs of breaches, with medium/large businesses facing higher costs compared to micro/small businesses. Businesses were impacted in various ways beyond financial costs, including added staff time, new security measures, and disruptions to daily work. The report highlighted a lack of focus on cybersecurity risk management and incident response, with only a small percentage of businesses conducting cybersecurity risk assessments or having formal incident response plans.

Experts in the industry emphasized the importance of implementing security controls to prevent cyber threats and attacks, as well as prioritizing compliance with cybersecurity regulations. They also highlighted the need for businesses to review the risks posed by their immediate suppliers and prioritize supply chain security. The survey findings indicate a significant increase in cyber attacks and breaches in the past year, underscoring the importance of bolstering cybersecurity measures and digital resilience.

