Britain’s cyber defenses are faltering as half of businesses are hit by a cyber attack, according to a UK government survey

UK businesses’ cyber defenses are faltering as 50 per cent of businesses reported a cyber attack or breach in the last 12 months, according to the government’s latest 2024 cyber security breach survey.

The figure increased significantly among mid-sized companies (70 percent) and large companies (74 percent), while 32 percent of charities were victims of an attack or breach.

Phishing was by far the most common type of threat companies faced; 84 percent of targeted businesses were attacked. While organizational impersonation and viruses or other malware were the most common threats, accounting for 35 percent and 17 percent of companies targeted, respectively.

The increased threat landscape comes despite an increase in cyber hygiene: 83 percent use up-to-date malware protection, up from 76 percent last year, and 75 percent use network firewalls, up from 66 percent.

Last year’s most disruptive breach cost each business an average of around £1,205.

Commenting on the findings, Achi Lewis, Area VP EMEA for Absolute software, said: “From the Prime Minister to major corporations and charities, anyone could be the target of a malicious cyber attack. It is more important than ever for organizations to have cyber resilience that supports robust defense measures, focusing on reactive, preventive and remediation procedures, as threats are a matter of ‘when not if’.”

“Especially in today’s work-from-anywhere world, security teams need visibility across an organization’s entire network to protect devices, applications and ultimately personnel. Secure access technology can build trust between devices and a network, alerting centralized IT teams to suspicious behavior and giving them the ability to freeze or even disable potentially compromised devices. An approach to security that builds cyber resilience into defenses is the best way for targeted organizations to ensure their measures are working properly to prevent breaches.”

In total, 31 percent of companies claimed they had conducted cybersecurity risk assessments in the past year, while a third (33 percent) had deployed security monitoring tools to strengthen their defenses.

Cybersecurity expert Oseloka Obiora, CTO, River safe, noted: “There’s no doubt that developments like AI have made security teams’ jobs harder over the past year, increasing the volume and sophistication of external threats, and creating an open door for insider threats through tools like ChatGPT . . Now organizations must be even more aggressive with their response and recovery plans if they want to withstand a new form of AI-generated cyber attacks.”

“To increase preparedness, security teams need robust network visibility so they can quickly detect and address vulnerabilities in systems, mitigating the impact of cyber threats, especially in complex or distributed IT systems.”

The number of companies insured against cyber security risks has increased from 37 percent to 43 percent in the past twelve months, a figure that is rising among medium and large companies.