UK Cybersecurity Statistics - the impact of virtual criminals

UK Cybersecurity Statistics

Simon
Director
Security Solutions

Guest post by www.broadbandsearch.net

As the internet becomes more and more intertwined with every aspect of our lives, virtual criminals are finding more and more ways to intrude into our personal and professional lives. Our devices and online connections can be exploited to hit us in our most vulnerable spots, and steal data, information, identities, or money.

Cyber-attacks are increasing in frequency all over the world and they can do very real damage to both individuals and companies. Attackers take advantage of every opportunity to make a profit. For instance, £800,000 was lost in the UK since January 2020 alone via phishing scams related to coronavirus.

However, cyber-attacks are much more diverse and there are numerous other aspects to be aware of. Let’s look at some eye-opening statistics.

Who are the victims most often targeted in cyber-attacks?

In the UK, close to a third (32%) of businesses have fallen victim to cyber-attacks in 2019. Charities are also frequent victims, sitting at 22%.

The attacks that are most common and that do the most damage for all these institutions are mostly phishing attacks. They are responsible for a whopping 80% of attacks on both businesses and charities.

In addition to those, we must also mention malware-related attacks (including ransomware, spyware, and assorted viruses), and email scams where attackers are impersonating other organisations.

Because the attacks are so many and so varied, it’s difficult to keep track of all the ways data can be stolen and all the ways criminals can take advantage of unsuspecting users.

What is the impact of cyber-attacks?

Reports show that the overall cost of these cyber-attacks has risen from previous years. Almost all the victims of breaches have suffered negative impacts, whether financial or consisting of data loss. Globally, the financial loss rises to just under £400 billion.

The average cost a UK business suffered because of cyber-attacks was £4,180 last year. That is significantly more than in previous years, as the cost has been steadily rising. Larger, more established businesses with higher revenue suffered even greater costs (between £9,270 and £22,700, depending on size).

Additionally, there are operational costs related to wasted time, effort, and other resources involved in recovering after an attack. The financial impact also tends to be under-reported.

What changes have cyber-attacks generated?

The biggest change we see in the businesses and charities affected is that cyber-security has become an active interest and something that they make a priority. With every passing year, a higher percentage of organisations make provisions for security. They are also investing more in educating, informing, preventing and recovering from cyber-attacks.

Many more businesses and charities now have guidelines, instructions, and training regarding cyber-security, including written policies, dedicated staff training, risk assessment, hired staff in charge of cyber-security, etc.

Larger businesses have also invested in security insurance, to help speed up recovery from cyber-attacks. And it’s working – the number of overall businesses affected has fallen, compared to 2019, even if the financial toll has increased.

How to prevent security breaches?

As with most things, when it comes to cyber-security for UK businesses, charities, and organisations, prevention is key.

  • Education is a highly critical part of it, as lots of people (mostly staff) are still completely uninformed, or misinformed, regarding cyber-security. Dedicated training for staff is not yet carried out in every business (it’s only present in 20% of businesses, unfortunately), but it should be.

According to statistics, human error is to blame for most breaches. Even when employees are aware of security risks, they still fall for them.

  • Implementing even the most minor security measures can make a massive impact. Something as simple as investing in anti-virus software and protecting all devices connected to the business stops a lot of malware, even if unsuspecting employees access it in some way.
  • Dedicated security teams are something more and more organisations are choosing to employ. They can make a big difference when it comes to prevention, as well as damage control after the fact.

Especially with large businesses that handle sensitive customer data, cyber-security staff is non-negotiable. They are the experts that know best how to protect the company, the data, and all the networks and devices associated with it.

  • It’s not enough to just implement the bare minimum-security measures. Regular checks are necessary to make sure everything is working as it should and that there is no unknown data loss.
  • Security insurance is also an excellent idea. While larger businesses arguably have more to lose, it is the small businesses that are more likely to become victims because they are perceived as easier targets.

Insurance can make the difference between a business shutting down because of financial loss during a cyber-attack and being able to recover smoothly.

Final thoughts

All in all, cyber-security is a serious problem that is not yet treated with as much care and attention as it requires. Every organisation is vulnerable and a potential victim, and even businesses who have taken security measures have fallen prey to dishonest and predatory practices.

The most important takeaway is that more education is needed across the board, particularly in the case of employees. The more people are aware of the dangers and how to prevent them, the better.

While the overall number of victims seems to have dropped, the financial impact has grown, so there is still a need for preventative measures and a continued protection against cyber-crime.