In a recent study, an alarming number of UK businesses and charities report having faced cyber security breaches or attacks in the past year, highlighting a growing threat landscape that requires immediate attention.  The study, conducted over the last 12 months, unveils that half of all businesses and about a third of charities have been victims of cyber incidents, with medium and large-sized businesses, alongside high-income charities, bearing the brunt. 

Phishing: The foremost threat 

Dominating the cyber-attack landscape, phishing attempts have been identified as the most prevalent form of attack, affecting 84% of businesses and 83% of charities.  Far less common, yet significant, were instances of impersonation and malware infections, showcasing the sophisticated tactics employed by cybercriminals to compromise organisational security. 

Financial implications 

The financial toll of these breaches is substantial, with the average cost of the most disruptive incident for businesses reaching approximately £1,205 and a staggering £10,830 for medium and large enterprises. Charities have not been spared, facing an average cost of £460 per incident. 

Cyber hygiene and risk management 

In response to these threats, the study emphasises the importance of cyber hygiene, noting an uptick in the adoption of basic security measures like malware protection and network firewalls.  Despite improvements, the survey reveals that a significant portion of organisations, especially smaller ones, lack formal procedures to manage supply chain risks effectively. 

Corporate governance and cyber resilience 

The report sheds light on the critical role of board engagement in fostering a culture of cyber resilience.  It notes a stable trend in the prioritisation of cyber security among senior management across the board, with larger organisations displaying more sophisticated governance structures.  However, challenges remain, particularly in smaller entities where cyber security often relies on external contractors due to a lack of in-house expertise. 

Incident response and cyber crime 

The study highlights a discrepancy between organisations' intended actions following a cyber incident and their actual preparedness, with a minority having established processes in place.  Moreover, it distinguishes between general cyber security breaches and cyber crimes, with a specific focus on phishing, which remains the most common form of cyber crime. 

Looking forward 

As cyber threats evolve in sophistication, the urgency for businesses and charities to bolster their cyber defences and incident response mechanisms cannot be overstated.  The study's findings call for a concerted effort towards enhancing cyber literacy, adopting comprehensive security measures, and fostering a culture of resilience against the backdrop of an increasingly hostile digital landscape. 

The findings serve as a stark reminder of the pervasive nature of cyber threats and the imperative for continuous vigilance and proactive defence strategies in safeguarding the digital assets of organisations across the UK. 

If you’d like to find out about how we can protect your business, please visit ➡️ www.kickict.co.uk/kicksecure.  We’re here to help.