UK companies report major fall in cyberattacks

cyberattacks
(Image credit: Shutterstock.com)
(Image credit: Shutterstock)

British businesses are reporting far fewer cyberattacks than previous years, new government research has found.

A new report from the department for digital, culture, media and sport (DCMS) found 32 percent of UK businesses surveyed (and 22 percent of charities) had been hit by a breach or cyberattack in the last 12 months. 

This was down from 43 percent in 2018 and 46 percent in 2017, with the median number of attacks being faced each year rising from two in 2017 to six in 2019.

GDPR

The average cost for a business hit by a cyberattack was £4,180, but the survey found other aspects were affected, with 27 percent of businesses saying an attack took up staff time dealing with an incident, and 19 percent had seen staff stopped from doing their daily work.

The report, which surveyed 1566 businesses across the UK, hypothesised that the drop in attacks could be down to a number of factors, including more investment in cybersecurity from businesses, as well as higher levels of compliance following GDPR.

30 percent of businesses said they had made changes to their cybersecurity because of GDPR, with 60 percent of these creating new policies and 15 percent saying they had brought in extra staff training.

However it also suggested that attackers themselves could be changing tactics, focusing their assaults on a smaller number of victims that would be certain to be unprotected.

Phishing scams were found to be the most common kind, with 80 per cent having been subject to email attacks, while 27 per cent reported they had been hit by either viruses, spyware or malware.

Despite this, only 31 percent of businesses have done a cyber risk assessment in the last 12 months.