Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

UK businesses face weekly cyber attacks - report

Cyber-security breaches have cost UK businesses billions over the last year

Article comments

Large organisations in the UK have been hit with an average of 54 cyber attacks over the last year, with 15 percent admitting to have had their networks successfully penetrated by hackers.

In a survey of 447 organisations conducted by PwC, 70 percent of large organisations said they had detected significant attempts to break into their networks, and one in seven detected hackers within their systems – the highest level recorded since the early 90s.

Meanwhile, 15 percent of small businesses were hit by denial of service (DoS) attacks in the last year, according to PwC's 2012 Information Security Breaches Survey (ISBS), carried out in conjunction with Infosecurity Europe and supported by the Department for Business, Innovation and Skills.

The average cost of a large organisation’s worst security breach is between £110,000 and £250,000 and from £15,000 to £30,000 for a small business. Overall, cyber-security breaches have cost UK plc billions of pounds over the last year.

“The UK is under relentless cyber attack,” said PwC information security partner Chris Potter. “Since most businesses now share data with their business partners across the supply chain, these numbers are startling and make uncomfortable reading for business leaders.”

Potter added that, while large organisations are more likely to be targeted by hackers, small businesses tend to have less mature controls, and so may not detect the more sophisticated attacks.

Commenting on the news, Universities and Science Minister David Willetts said it was a timely reminder for UK businesses to make sure their information systems are protected.

“The survey demonstrates why the government is right to be investing £650m to improve cyber security and make the UK one of the safest places to do business in cyberspace,” he said. “We will use the findings to help design a new annual survey of cyber security breaches beginning next year.”

PwC's ISBS report also examines the impact of staff-related breaches such as data protection breaches, data loss events and computer frauds. Overall, 93 percent of large organisations and 76 percent of small businesses admitted to having suffered a security breach in the last year.

The root cause is often a failure to educate staff, particularly within small businesses, said Potter. According to the research, 54 percent of small businesses do not have any programme for educating their staff about security risks, and this often results in organisations being forced to take emergency measures after a breach has occurred.

“Given that most organisations take a lot of action after a breach to tighten up their security, scrimping and saving on security creates a false economy,” he said. “The cost of dealing with breaches and the knee-jerk responses afterwards usually outweigh the cost of prevention.”

In large businesses, there are signs of complacency setting in, according to the report, with 20 percent spend less than one percent of their IT budget on information security – far less than the average of eight percent. This is largely because it is hard to measure the business benefits from spending money on security defences, added Potter.

The Information Commissioner's Office currently has the power to issue fines of up to £500,000 for breaches of the Data Protection Act. Last week both Leicestershire County Council and Toshiba were named and shamed for leaking sensitive data.

Meanwhile, the European Commission plans to issue a single set of rules on data protection that will apply across the whole of the EU. Under the new rules, companies suffering data breaches will have 24 hours to tell the relevant authorities or risk legal action and large fines.

Infosecurity Europe runs from the 24th – 26th April 2012, in Earls Court, London.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *