The average cost of the most severe online security breach for big business now starts at a staggering £1.46 million – up from £600,000 in 2014. That’s according to UK Government research findings issued to raise awareness of the growing cyber threat.
The Information Security Breaches Survey 2015, published by digital economy minister Ed Vaizey and launched at the Infosecurity Europe event, shows the rising costs of malicious software attacks and staff-related breaches while also illustrating the overriding need for companies to take decisive and swift action.
For SMEs, the most severe breaches can now reach costs as high as £310,800, up from £115,000 in 2014.
Pleasingly, more firms are taking action to tackle the cyber threat, with a third of organisations now using the Government’s Ten Steps to Cyber Security guidance. That’s up from a quarter in 2014.
Meanwhile, nearly half (49%) of all organisations have either achieved a Cyber Essentials badge to protect themselves from common Internet threats or plan to attain one at some point during the next year.
Key findings from the research
The major findings of the Information Security Breaches Survey 2015 are as follows:
*90% of large organisations reported that they have suffered from an information security breach, while 74% of SMEs report the same occurrence
*For companies with over 500 employees on the books, the average cost of the most severe cyber breach is now between £1.46 million and £3.14 million
*For SMEs, the average cost of the worst breach is somewhere between £75,000 and £310,800
*Attacks perpetrated by outsiders have become a greater threat for both small and large-scale businesses
*75% of large businesses and 30% of smaller organisations have suffered from staff-related breaches
“The UK’s digital economy is strong and growing,” said Vaizey, “which is why British businesses remain an attractive target for cyber attack. The cost of such episodes is rising dramatically. Businesses that take this threat seriously are not only protecting themselves and their customers’ data but also securing a competitive advantage.”
Vaizey concluded by stating: “I would urge businesses of all sizes to make use of the help and guidance available from Government and to take up the Cyber Essentials Scheme.”
Guidance from Government
Indeed, there’s a raft of free guidance available from Government to help businesses secure themselves against costly cyber security breaches. For its part, Cyber Essentials is a Government-backed and industry-supported initiative designed to protect businesses of all sizes against the common threats found on the Internet.
Andrew Miller, cyber security director at PwC, explained: “With nine out of ten respondents to the survey reporting a cyber breach in the past year, every organisation needs to be considering how they defend and deal with the cyber threats they face. Breaches are becoming increasingly sophisticated, often involving internal staff to amplify their effect. The impacts we are beginning to see are both increasingly long-lasting and costly to deal with.”