Half of UK businesses experienced a cyber attack in the past year

A person at a desktop computer working on spreadsheet tables.
(Image credit: Shutterstock / Andrey_Popov)

Cyberattacks aren’t going away any time soon, but businesses aren’t helping themselves as half of those in the UK (50%) suffered a cyberattack or security breach in the last 12 months.

Of these, medium sized businesses were the hardest hit, making up over two thirds (70%). Charities also experienced their fair share of incidents, with just under a third (32%) suffering from some kind of breach or cyberattack.

The latest UK government Cyber Security Breaches Survey results have found that while businesses are increasing their security and cyber resilience, many are still unaware of or failing to adhere to recognized standards of cybersecurity.

Risk management and cyber hygiene

Phishing attacks remain the biggest threat to businesses, with four out of five (84%) being targeted, with 35% experiencing the not-quite-phishing tactic of bad actors pretending to be a business or organization.

Close to one in five (17%) businesses suffered a cyberattack or security breach involving malware or viruses, indicating that cybercriminals are increasingly turning to less sophisticated - but more effective - methods, prompting the UK government to issue advice on how to adhere to basic cyber hygiene practices.

However, the statistics show that the cyber hygiene of UK firms is slowly improving; there have been increases in updating malware protection (76% to 83%), restricting administrator rights (67% to 73%), implementing network firewalls (66% to 75%) and procedures for dealing with phishing emails (48% to 54%). Businesses not adhering to one or several of these practices are putting themselves at a greater risk of suffering a cyberattack.

A further issue that the survey highlights is a lack of awareness of government guidance on cybersecurity best practices, such as the 10 Steps to Cyber Security or the government-endorsed National Cyber Security Center’s Cyber Essentials standard.

MORE FROM TECHRADAR PRO

TOPICS
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.