On the 19th April DCMS and the National Cyber Security Centre (NCSC) published the Cyber Security Breaches Survey 2017. According to the Survey, nearly 46 per cent of UK businesses had identified at least one cyber breach in the last 12 months.
The Survey found that the most common form of breach came in the form of fraudulent emails (72 per cent), which has highlighted the importance of training and educating staff about cyber threats faced by businesses. Currently, only 20 per cent of companies surveyed provide their staff with cyber training, and only 30 per cent have formal policies in place, despite an overwhelming percentage (74 per cent) of directors and senior managers claiming that cyber security is a high priority.
Breaches in the form of viruses and malware, and organisation impersonation were also found to be common. Companies tended to be alert to these types of threats, with almost nine in ten regularly updating their software protections and nearly eight in ten restricting IT and admin rights to specific users.
The Survey also highlighted that firms holding personal data were more likely to be targeted by hackers. Of the companies who reported breaches, significant numbers experienced a loss of temporary files or had a permanent loss or change of personal data.
Small businesses could be hit hard by cyber breaches, with almost one in five taking a day or more to recover from a serious incident.
In response to the Survey DCMS has issued some guidance on how businesses can act to best secure the data they hold. The Government has suggested guidance on acceptably strong passwords, introducing formal policies on managing cyber risk, encouraging staff to receive cyber training, and creating contingency plans to manage cyber incidents.
The Cyber Security Breaches Survey serves as a reminder of the types and increasing frequency of cyber threats facing businesses across the UK. The report also gives insight into the nature of the attacks, and highlights the vulnerability of personal data held by companies. While it is encouraging to see a significant number of businesses recognising importance of safeguarding against cyber attacks, the survey serves as a stark reminder of the continued vigilance needed by industry to mitigate against what is an evolving threat.
For techUK’s response to the Cyber Security Breach Survey, please click here.