UK cyber defences faltering as half of businesses hit by cyber attack, according to Government survey
The cyber defences of UK businesses are faltering as 50 per cent of businesses reported a cyber attack or breach over the past 12 months, according to the government’s latest Cyber security breaches survey 2024.
The figure rose substantially among medium businesses (70 per cent) and large businesses (74 per cent), while 32 per cent of charities were subject to an attack or breach.
Phishing was by far the most common threat type facing businesses, attacking 84 per cent of targeted businesses. While organisation impersonation and virus or other malware were the next most common threatening 35 per cent and 17 per cent of targeted businesses respectively.
The increased threat landscape comes despite a rise in cyber hygiene, with 83 per cent using up-to-date malware protection, up from 76 per cent last year, and 75 percent deploying network firewalls, up from 66 per cent.
The most disruptive breach over the past year cost each business an average of approximately £1,205.
Commenting on the findings, Achi Lewis, Area VP EMEA for Absolute Software, said: “From the Prime Minister to large enterprises to charities, anyone and everyone can be targeted by a malicious cyber attack. It’s more important than ever for organisations to have cyber resilience underpinning robust defence measures, emphasising reactive, preventative, and recovery procedures, as threats are a case of when not if.”
“Especially in today’s work-from-anywhere world, security teams need visibility over an organisation’s entire network to protect devices, applications, and ultimately staff. Secure access technology can establish trust between devices and a network, alerting centralised IT teams to suspicious behaviour and providing them with the power to freeze or even shut down potentially compromised devices. An approach to security that includes cyber resilience built into defences is the best way for targeted organisations to ensure their measures are working as needed to avoid being breached.”
In total, 31 per cent of businesses claimed they have undertaken cyber security risk assessment over the past year, while a third (33 per cent) deployed security monitoring tools to bolster their defences.
Cybersecurity expert Oseloka Obiora, CTO, RiverSafe, commented: “There is no doubt that developments such as AI have made the job of security teams more difficult over the past year, increasing the volume and sophistication of external threats, as well as creating an open door for insider threat through tools like ChatGPT. Now, organisations need to be even more aggressive with their response and remediation plans if they are to withstand a new flavour of AI-generated cyber attacks.”
“To increase preparedness, security teams need robust network visibility to enable them to swiftly detect and address vulnerabilities across systems, mitigating the impact of cyber threats, especially across complex or dispersed IT systems.”
The number of businesses insured against cyber security risks rose from 37 per cent to 43 per cent over the past 12 months, a figure which rises among medium and large companies.