Cyber Security Breaches Survey 2018: The Importance of Cyber Essentials
This month the Cyber Security Breaches Survey 2018 was released. It has revealed that almost three-quarters of businesses (74%) and over half of all charities (53%) have stated that cyber security is a high priority for their organisation’s senior management.
Find out more about the Cyber Security Breaches Survey and why your organisation should invest in Cyber Essentials certification.
What is the Cyber Security Breaches Survey?
The Cyber Security Breaches survey is a study which details current business action on cyber security. It also outlines the costs and impacts of cyber breaches and attacks. This year’s survey uncovered some surprising findings.
Key Statistics and Findings
- Only three in ten businesses (27%) and two in ten charities (21%) have a formal cyber security policy or policies.
- In the last 12 months four in ten businesses (43%) and two in ten charities (19%) have experienced a cyber security breach or attack.
- Three-quarters of businesses (74%) and over half of all charities (53%) have placed cyber security as a high priority for their organisation’s senior management.
Sectors and cyber security
The research from the latest survey proves that almost all sectors are reliant on online services, which exposes them to cyber security risks.
98% of all UK businesses and 93% of charities represented in the Cyber Security Breaches Survey 2018 are reliant on digital communication or services.
This includes everything digital such as staff email addresses, websites, online banking and eCommerce.
While almost all the organisations included in the survey use digital communication, cyber security is more important to some organisations than others.
The sectors most invested in cyber security are:
- Social Care/Work
Sectors where senior managers are “most likely to see cyber security as a low priority” include:
- Food or Hospitality
- Service and Membership Organisations
With the launch of the General Data Protection Regulation on 25 May approaching, now is the time for businesses to allocate cyber security spend wisely.
Investment in cyber security is well worth it when the new fines are taken into consideration. The levels of fines vary depending on turnover.
The first is up to €10 million or 2% of the company’s global annual turnover of the previous financial year, whichever is higher. The second is up to €20 million or 4% of the company’s global annual turnover of the previous financial year.
GDPR is mentioned in chapter three of the Cyber Security Breaches Survey, which found that 38% of businesses and 44% of charities are aware of GDPR. Of those, 13% businesses and 9% of charities had “amended their cyber security policies or processes specifically in preparation for GDPR”.
After last year’s WannaCry attack when more than 400,000 machines were infected, having a strong cyber security strategy should be a priority for all businesses and organisations moving forward.
The survey findings show that half of all businesses (51%) and three in ten charities (29%) have implemented all of the five basic technical controls listed under the Government endorsed Cyber Essentials scheme. These include:
- Secure configuration
- Access control
- Malware protection
- Patch management
By implementing the five controls correctly, you will protect your organisation from approximately 80% of cyber attacks.
Is your organisation protected? DCI makes obtaining certification straightforward and easy! Find out how to get Cyber Eessentials certification.