A new piece of research commissioned by the UK government has again pointed to a worryingly high proportion of businesses in this country which have been subject to a security breach.
The Cyber Security Breaches Survey, carried out by Ipsos Mori (and endorsed by the CBI and Federation of Small Businesses), found that 65% of big businesses in the UK were hit by a cyber-attack or breach in 2015. A staggering quarter of those companies experience at least one breach per month.
When it came to all businesses, 24% were subject to breaches, most of those being medium or large organisations.
Small businesses should not, however, be resting on their security laurels, as they are still a very viable target (often with a view to breaching larger firms they may conduct business with).
And the survey found that SMBs are failing when it comes to setting cybersecurity standards for their suppliers, with only 13% of all businesses doing this (25% of medium-sized firms do so, and 34% of large organisations – meaning small businesses are well off the pace).
Smaller companies can also do more when it comes to training their staff, with only 22% of SMBs having given employees cybersecurity training in the past year – that compares to 38% of medium-sized businesses and 62% of large ones.
The cost of such training may be an issue, but of course the cost of a breach could be far greater, and impact reputation as well as finances.
So what's the average cost of a breach when it comes to a large business? That weighs in at £36,500, and the most costly breach uncovered by the survey came in at £3 million. Across all businesses, the average cost is £3,480.
As for the nature of these attacks, the majority – 68% – were viruses, spyware or malware, and 32% involved impersonation of the organisation.