Shorthand

The Cyber Security Breaches Survey 2018

The Government has surveyed UK businesses to find out how they approach cyber security and help learn more about cyber security issues

The research informs Government policy on cyber security and how Government works with industry to make Britain one of the most secure places to do business online.

The new statistics show businesses are experiencing more attacks per year. Among those experiencing breaches, large firms identify an average of 12 attacks a year and medium-sized firms an average of 6 attacks a year.

Smaller firms are still experiencing a significant number of cyber attacks, with 2 in 5 micro and small businesses (42%) identifying at least one breach or attack in the past 12 months, which could impact profits and reduce consumer confidence.

A huge proportion of all organisations are still failing to get the basics right. A quarter (25%) of charities are not updating software or malware protections and a third of businesses (33%) do not provide staff with guidance on passwords.

Over 1 in 10 (11%) of large firms are still not taking any action to identify cyber risks, such as health checks, risk assessments, audits or investing in threat intelligence.

Larger businesses and charities are more likely than the average to identify cyber attacks.

Breaches were more likely to be found in organisations that hold personal data and where employees use their own personal devices for work.

The Cyber Security Breaches Survey 2018

The Government has surveyed UK businesses to find out how they approach cyber security and help learn more about cyber security issues

The new statistics show businesses are experiencing more attacks per year. Among those experiencing breaches, large firms identify an average of 12 attacks a year and medium-sized firms an average of 6 attacks a year.

Smaller firms are still experiencing a significant number of cyber attacks, with 2 in 5 micro and small businesses (42%) identifying at least one breach or attack in the past 12 months, which could impact profits and reduce consumer confidence.

Over 1 in 10 (11%) of large firms are still not taking any action to identify cyber risks, such as health checks, risk assessments, audits or investing in threat intelligence.

Larger businesses and charities are more likely than the average to identify cyber attacks.Breaches were more likely to be found in organisations that hold personal data and where employees use their own personal devices for work.

Larger businesses and charities are more likely than the average to identify cyber attacks.

Breaches were more likely to be found in organisations that hold personal data and where employees use their own personal devices for work.