Almost half (46%) of UK businesses have identified at least one cybersecurity breach or attack in the past 12 months, with fraudulent phishing emails being the biggest threat.
The survey carried out by Iposis MORI and the Institute for Criminal Justice Studies at the University of Portsmouth highlights how both large and small businesses need to take steps to protect themselves and their customers in the 21st century.
On top of fraudulent emails (making up 72% of attacks), viruses, spyware, malware, impersonation, and ransomware are other common attack methods.
(Click image to enlarge) Source: Iposis MORI
What’s interesting is that 41% of those that have experienced a cyber security breach say that online services are not at all core to their business. The report highlights an unnamed materials supplier who despite having any e-commerce activities, were hit by significant and ongoing cyberattacks ranging from phishing emails to ransomware.
Surveyed directors and senior managers say cyber security is a high priority (74%) however, only 33% have formal policies in place, 20% have had staff training, and just 11% have a cyber security incident plan. However, common steps include almost 90% of business having appropriate firewalls and 79% using IT restrictions.
Of those hit by attacks, 23% had temporary loss of files, 20% had software corrupted and 10% had a permanent loss or change of files or personal data.
The report recommends industries should do more to protect themselves with stronger passwords, formal policies and planning.
Ciaran Martin, CEO of the National Cyber Security Centre, said: “The majority of successful cyber attacks are not that sophisticated but can cause serious damage. By getting the basic defences right, businesses of every size can protect their reputation, finances, and operating capabilities.”
You can read the full Cuber Security Breaches Survey 2017 here.