Infosec 2015: More UK businesses than ever face data breaches as costs spiral

UK government report finds that nine-in-ten firms has information security incident

The number of security breaches suffered by UK companies has increased, according to a government-backed report.

Unveiled at the Infosec conference in London this week, the 2015 Information Security Breaches Report found that nine-in-ten organisations have been hit by some kind of security breach over the past year - an increase from 81 per cent the previous year.

The research, conducted by PwC, found that 74 per cent of SMBs were also affected by a breach of some description. This was up from 60 per cent a year ago.

The cost to firms from the most serious breaches has also shot up and is now pegged at between 1.46 million and 3.14 million for a large organisation, up from 1.15 million a year ago. The cost to a small firm from a serious breach was found to be up to 311,000, up from 115,000 a year ago.

Breach costs include business disruption, lost sales and recovery of assets.

The report also found that the number of external attacks on large organisations in the UK had increased by over a third (38 per cent), while malware-related attacks had halved.

Research also revealed that 13 per cent of large organisations suffered a security breach relating to social networking sites and the percentage of large firms reporting an incident involving tablets and smartphones had doubled to 15 per cent from seven per cent the previous year.

Giles Smith, deputy director of Cyber Security and Resilience at the Department of Business, Innovation and Skills, speaking at the launch of the report said that the figures paint "sorry picture on the face of it", but this meant that organisations were getting "better at spotting problems".

He said that more organisations were using the government's "Ten Steps" guidance on how to protect infrastructure with a third of firms now using this information, up from a quarter last year.

Richard Horne, a cyber security partner at PwC speaking at the launch, said that the survey findings should make people "realise that it's about fixing the way technology is used and change the way they work rather than fixing the tech itself."

However, the problems could be much deeper. Horne said that a lot of organisations still don't publicly acknowledge when they've been a victim of a breach.

"What we see here is just the tip of the iceberg," he added.

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021
What is public key infrastructure (PKI)?
Security

What is public key infrastructure (PKI)?

12 Jan 2021

Most Popular

How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
The fate of Parler exposes the reality of deregulated social media
Policy & legislation

The fate of Parler exposes the reality of deregulated social media

14 Jan 2021
Should IT departments to call time on WhatsApp?
communications

Should IT departments to call time on WhatsApp?

15 Jan 2021