Cyberattacks aren’t going away any time soon, but businesses aren’t helping themselves as half of those in the UK (50%) suffered a cyberattack or security breach in the last 12 months.
Of these, medium sized businesses were the hardest hit, making up over two thirds (70%). Charities also experienced their fair share of incidents, with just under a third (32%) suffering from some kind of breach or cyberattack.
The latest UK government Cyber Security Breaches Survey results have found that while businesses are increasing their security and cyber resilience, many are still unaware of or failing to adhere to recognized standards of cybersecurity.
Risk management and cyber hygiene
Phishing attacks remain the biggest threat to businesses, with four out of five (84%) being targeted, with 35% experiencing the not-quite-phishing tactic of bad actors pretending to be a business or organization.
Close to one in five (17%) businesses suffered a cyberattack or security breach involving malware or viruses, indicating that cybercriminals are increasingly turning to less sophisticated - but more effective - methods, prompting the UK government to issue advice on how to adhere to basic cyber hygiene practices.
However, the statistics show that the cyber hygiene of UK firms is slowly improving; there have been increases in updating malware protection (76% to 83%), restricting administrator rights (67% to 73%), implementing network firewalls (66% to 75%) and procedures for dealing with phishing emails (48% to 54%). Businesses not adhering to one or several of these practices are putting themselves at a greater risk of suffering a cyberattack.
A further issue that the survey highlights is a lack of awareness of government guidance on cybersecurity best practices, such as the 10 Steps to Cyber Security or the government-endorsed National Cyber Security Center’s Cyber Essentials standard.
MORE FROM TECHRADAR PRO
