UK business security breaches fall, but costs rise

cyber security
The cost of security breaches for UK companies has increased

UK businesses have seen a decrease in the number of security breaches over the last year, but a marked increase in the cost of individual breaches, according to a new report.

The 2014 Information Security Breaches Survey, which suggests that the average cost of the worst breach has almost doubled since 2013, was carried out by PricewaterhouseCoopers on behalf of the UK's Department for Business, Innovation and Skills.

It found that large businesses suffered 16 breaches over the last year, down from 21 previously, and small businesses suffered 6 breaches over the last year, down from 10 previously.

Average costs of the worst individual breaches reached £1.15m for large businesses (up from £850k) and £115k for small businesses (up from £65k).

Taking steps

The report reiterated the UK Government's Ten Steps of guidance for ensuring cyber-security. Suggested steps include educating users, managing user permissions, monitoring systems and protecting networks against malware.

"This year's survey clearly demonstrates the continuing risks associated with doing business in cyberspace, as well as the encouraging steps some businesses are taking to improve their information security," said Minister for Universities and Science David Willetts. "The sharp increase in the costs associated with security breaches underlines the fact that cyber security is a significant business risk that must be taken seriously."

The Information Security Breaches Survey is an annual report that has been carried out since the early 1990s. A total of 1,125 respondents were surveyed across small, medium and large businesses in a range of industries.