- Select Prime members can get Kindle Unlimited for 3 months at no cost - here's how
- Modernization means putting developers in the driver’s seat
- Get a free iPhone 16 Pro for free from T-Mobile, no trade in required - here's how
- The LG C4 OLED for $800 off is one of the best Prime Day TV deals right now
- Prime members can save $10 on any $20 or more Grubhub+ order for a limited time - here's how
A Third of UK Businesses Experience Cyber-Attacks at Least Once a Week
Around a third (31%) of businesses experience cyber-attacks or breaches at least once a week, according to new figures published in the UK government’s Cyber Security Breaches Survey 2022 report.
Over a quarter (26%) of charities also reported being hit by attacks at least once a week, and the government is urging all organizations to strengthen their cybersecurity practices in response to the growing threat landscape.
The annual survey of UK businesses, charities and education institutions found that around two in five (39%) companies and roughly a third (30%) of charities experienced breaches or attacks in the past 12 months. This is a similar proportion to that reported in last year’s survey. One in five businesses (20%) and charities (19%) admitted they experienced a negative outcome as a direct consequence of a cyber-attack.
Of the 39% of businesses that identified attacks, by far the most common threat vector was phishing (83%). Around one in five (21%) of these firms identified more sophisticated attack types like denial of service, malware or ransomware.
The average estimated cost of all cyber-attacks was £4200 in the past 12 months. However, for medium and large firms, this cost surged to £19,400.
Encouragingly, the report revealed that UK organizations are placing increased attention on the security of supply chains and digital services following numerous high-profile incidents in the past year, such as the Kaseya and Colonial Pipeline attacks. For example, 82% of senior managers now view cybersecurity as a ‘very high’ or ‘fairly high’ priority, significantly up from 77% in 2021.
However, while two in five (40%) of businesses and a third (32%) of charities use at least one managed service provider, just 13% of companies reviewed the risks posed by immediate suppliers.
The report also found that under a fifth (19%) of businesses have a formal incident response plan, while 39% have assigned roles should an incident occur.
The government also emphasized it is not aware of any specific cyber-threats to UK organizations emanating from the Russia-Ukraine conflict, in line with recent NCSC guidance. However, it said businesses should take advised actions amid a period of heightened cyber-threats.
Cyber Minister Julia Lopez commented: “It is vital that every organization takes cybersecurity seriously as more and more business is done online and we live in a time of increasing cyber risk.
“No matter how big or small your organization is, you need to take steps to improve digital resilience now and follow the free government advice to help keep us all safe online.”
At the end of last year, the UK government published a new national cyber strategy to bolster the nation’s defensive and offensive capabilities amid rising attacks from criminal gangs and nation-state actors.
