26 Apr UK.gov survey shines light on cybersecurity threats to businesses
Phishing and ransomware remain the most pressing security threats for UK business, according to a government-backed survey out Wednesday.
The survey, commissioned by the Department for Culture, Media and Sport, found that the most common types of breaches are related to staff receiving fraudulent emails (in 72 per cent of cases where firms identified a breach or attack). The next most common related to viruses, spyware and malware (33 per cent), people impersonating the organisation in emails or online (27 per cent) and ransomware (17 per cent).
Among the 46 per cent of companies that detected breaches in the last 12 months, the average business faces costs of £1,570 as a result of these breaches, a lot lower than figures from comparable surveys. Losses for larger firms came out at just under £20,000.
Half of 1,500 firms surveyed (52 per cent) have enacted basic technical controls as recommended by the UK government-endorsed Cyber Essentials scheme. Nine in ten businesses regularly update their software and malware protections, configuring firewalls or securely backing up their data, but only around two-thirds (69 per cent) have guidance on acceptably strong passwords.
External reporting of breaches remains uncommon. Only a quarter (26 per cent) reported their most disruptive breach externally to anyone other than a cyber security provider.