The release of the Government’s Cyber Breaches Survey 2020 last week contains some fascinating statistics about the nature and scale of cyber-crime affecting UK businesses.
Produced by the Department for Digital, Culture, Media and Sport (DCMS) and Ipsis MORI, the annual Cyber Breaches survey is one of the most reliable business and charity-focused indicators of cyber-crime.
• 46% of businesses suffered at least one cyber attack or breach in the last 12 months – an increase from 32% the year before;
• Only 37% of businesses have a Board member with specific responsibility for cyber security;
• Only 38% of businesses have a formal cyber policy in place – and almost half of those review it every six months;
• Only 38% of businesses who had suffered a breach reported it to an outside organisation – with only 6% of businesses reporting it to Action Fraud.
Commenting on the survey’s results, Simon Newman, Head of Cyber and Business Services for Police Crime Prevention Initiatives said: “The statistics lay bare the nature and scale of the problem affecting UK businesses. It’s worrying that almost half of all businesses have suffered at least one cyber attack or breach within the last 12 months and that a third of those businesses take no action at all to reduce their vulnerability after they have fallen victim”.
“Businesses constantly need to be at the top of their game. With the frequency and volume of attacks growing, cyber criminals are becoming increasingly sophisticated in the way they target businesses, so it’s good to see the survey include a focus on supply chains for the first time.”
“There are also some worrying messages for Government and the law enforcement community. Just 2% of businesses turn to Government for information about cyber security which is reflected in a lack of awareness about government-backed schemes, including Cyber Essentials. It’s clear that we need to work more smartly together in support of the National Cyber Security Strategy. We need to ensure that businesses have access to trusted, impartial and up to date advice that will help them reduce their vulnerability to the overwhelming majority of cyber crime”.
“There are however, some encouraging signs that businesses are responding to the threat. With 80% of businesses seeing cyber security as a high priority, businesses are becoming better at understanding how cyber-crime may affect them and are increasingly likely to implement cyber policies within their organisation. Staff are also playing their part in reporting suspected attacks or breaches, helping businesses deal with them more quickly, thereby reducing the potential impact.”
Find out how the Police Digital Security Centre are working to reduce the vulnerability of organisations to cyber crime and fraud at www.policedsc.com