Government urges businesses to take action as cyber security breaches double

The average cost of the most severe online security breach for big business now starts at a staggering £1.46 million – up from £600,000 in 2014. That’s according to UK Government research findings issued to raise awareness of the growing cyber threat. 

The Information Security Breaches Survey 2015, published by digital economy minister Ed Vaizey and launched at the Infosecurity Europe event, shows the rising costs of malicious software attacks and staff-related breaches while also illustrating the overriding need for companies to take decisive and swift action.

For SMEs, the most severe breaches can now reach costs as high as £310,800, up from £115,000 in 2014.

Pleasingly, more firms are taking action to tackle the cyber threat, with a third of organisations now using the Government’s Ten Steps to Cyber Security guidance. That’s up from a quarter in 2014.

Meanwhile, nearly half (49%) of all organisations have either achieved a Cyber Essentials badge to protect themselves from common Internet threats or plan to attain one at some point during the next year.

Key findings from the research

The major findings of the Information Security Breaches Survey 2015 are as follows:

*90% of large organisations reported that they have suffered from an information security breach, while 74% of SMEs report the same occurrence

*For companies with over 500 employees on the books, the average cost of the most severe cyber breach is now between £1.46 million and  £3.14 million

*For SMEs, the average cost of the worst breach is somewhere between £75,000 and £310,800

*Attacks perpetrated by outsiders have become a greater threat for both small and large-scale businesses

*75% of large businesses and 30% of smaller organisations have suffered from staff-related breaches

“The UK’s digital economy is strong and growing,” said Vaizey, “which is why British businesses remain an attractive target for cyber attack. The cost of such episodes is rising dramatically. Businesses that take this threat seriously are not only protecting themselves and their customers’ data but also securing a competitive advantage.”

Vaizey concluded by stating: “I would urge businesses of all sizes to make use of the help and guidance available from Government and to take up the Cyber Essentials Scheme.”

Guidance from Government

Indeed, there’s a raft of free guidance available from Government to help businesses secure themselves against costly cyber security breaches. For its part, Cyber Essentials is a Government-backed and industry-supported initiative designed to protect businesses of all sizes against the common threats found on the Internet.

Andrew Miller, cyber security director at PwC, explained: “With nine out of ten respondents to the survey reporting a cyber breach in the past year, every organisation needs to be considering how they defend and deal with the cyber threats they face. Breaches are becoming increasingly sophisticated, often involving internal staff to amplify their effect. The impacts we are beginning to see are both increasingly long-lasting and costly to deal with.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts