09 May 2018

How much are cyber attacks costing the UK?

The Cyber Security Breaches Survey 2018 has revealed that four in ten businesses and two in ten charities have suffered from a cyber security attack in the last 12 months.

In addition, it is now less than a month unti the new EU regulations on data protection – GDPR – come into force. British businesses could be fined heavily if they do not comply with the requirements of the new regulations. Under GDPR, in future the private, public and third sector must provide adequate IT security to protect personal data.


The cost of breaches

Cyber breaches can be expensive for any organisation and the cost is rising.  The Cyber Security Breaches Survey 2018 has revealed, even when assets or data were not lost, the estimated average cost of a cyber breach for a medium-sized business increased from £1,860 in 2016, to £3070 in 2017 and £8,180 in 2018.

That said, the average cost of a cyber security breach varied widely depending on the size of the affected organisation and whether or not the breach resulted in a loss of data.

For small and micro businesses, the average cost of a cyber attack was just £894, but even this modest sum could be damaging to this type of business.

For medium-sized businesses, the average cost rose from £8,180 to £16,100 if data or other assets were lost in a cyber security breach, while the equivalent averages for large businesses were £9,260 and £22,300.

With such high costs arising from cyber security breaches, it is concerning that 65% of such firms experienced at least one cyber attack during the survey period.

WannaCry is just one example of a costly cyber attack. Last year it was revealed that WannaCry emergency measures cost central NHS agencies £180,000.

One year on, statistics like those in the Cyber Security Breaches Survey 2018 prove that all sectors have a long way to go and the study can only be a reminder to act before GDPR comes into force on 25 May.


How much is the Government investing?

To tackle increasing cyber security threats, the Minister for Digital and the Creative Industries, Margot James, has revealed that the UK Government plans to strengthen the UK’s data protection laws to make them fit for the digital age:

“We are investing £1.9 billion to protect the nation from cyber threats and I would urge organisations to make the most of the free help and guidance available for organisations from the Information Commissioner’s Office and the National Cyber Security Centre (NCSC).”

The Government’s Data Protection Bill will also introduce new regulations to improve cyber security in the UK. There will be a strong focus on critical service providers in sectors like health, energy and transport.


Cyber Essentials

The main aim for the National Cyber Security Centre (NCSC) as is to “make the UK one of the safest places in the world to live and do business online.”

The National Cyber Security Centre (NCSC) promotes Cyber Essentials, a certification which is designed to guard British businesses against the most common cyber threat. Businesses that have the certification will be able to demonstrate their commitment to cyber security by having this.

This certification will help you to attract new business with the promise you have cyber security measures in place.

Find out more about Cyber Essentials or download our free scheme summary document.