Half of UK businesses fall to cyber attacks despite bolstered defences
In the last year, a startling 50% of UK businesses have succumbed to a cyber attack or breach, a result of failing defences, as revealed by the UK Government's recent Cyber security breaches survey 2024. Medium to large businesses felt the heat, even more, recording 70-74% attacks, while charities fared slightly better at 32%.
Interestingly, the most prevalent form of cyber threat was Phishing, responsible for targeting 84% of the affected businesses. A further 35% of the affected entities had also come under the threat of organisation impersonation, with virus or other malware affecting 17% of these targets. This rise has eventuated in the face of raised cyber hygiene standards. To illustrate, up-to-date malware protection was deployed by 83% of businesses, and 75% administered network firewalls, reporting a marked rise from the previous year's 76% and 66% usage respectively.
Speaking on these findings, Achi Lewis, Area VP EMEA for Absolute Software, accentuated the importance of robust defence measures through cyber resilience underpinned with preventive, recovery, and reactive procedures amidst potentially likely threats. Achi said, "From the Prime Minister to large enterprises to charities, anyone and everyone can be targeted by a malicious cyber attack."
An emphatic Achi further noted the need for security teams to look out for suspicious activity across their entire network and have the power to "freeze or even shut down potentially compromised devices". He also highlighted the importance of cyber resilience in security strategies as a potent approach to avoid breaches.
The security measures already in place saw that 31% of the businesses conduct a cyber security risk assessment over the past year, and interestingly, around a third of businesses (33%) deploying security monitoring tools to reinforce their defences.
Oseloka Obiora, CTO of RiverSafe, echoed these sentiments, warning that developments like AI have rendered security maintenance increasingly challenging, having surged the volume and complexity of external threats while inadvertently aiding insider threats. "Now, organisations need to be even more aggressive with their response and remediation plans if they are to withstand a new flavour of AI-generated cyber attacks," said Oseloka.
Oseloka also called for an increase in preparedness by way of enabling robust network visibility to swiftly detect and rectify vulnerabilities across systems, thereby easing the impacts of cyber threats on complex or dispersed IT systems.
On a positive note, it emerged that the number of businesses insured against cyber security risks had seen an upward trend from 37% to 43% in the last year, and predictably, this figure rose further among medium and large companies. Despite these measures, cyber threats continue to remain a palpable concern, and businesses must work relentlessly towards enhancing their security infrastructure.