Cyber attacks are costing UK businesses up to £1m

Companies voice concern over time to recover following an incident

Over half of UK businesses have suffered a cyber attack over the course of the past year, with the average cost of each incident coming in at a minimum of 330,000.

The figures form part of a new report by BAE Systems, which surveyed 100 business leaders from private sector firms with more than 1,000 employees. In addition to the 57% attack rate, 20% of those interviewed said they either didn't know or weren't confident that they could achieve 'business as usual' within 48 hours of an incident occurring. 

Advertisement - Article continues below

The research also found that, while the minimum cost to a business of this size and type may be a substantial 330,000, 10% of those interviewed said a breach could cost them an eyewatering 1 million.

Julian Cracknell, MD for UK services at BAE Systems Applied Intelligence, said: "The research confirms that cybersecurity is no longer a technical issue, but a challenge for the board.

"Businesses need to ensure they have the right people, processes and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate. If action isn't taken immediately, the price of cyber ignorance for the company and the wider economy could be severe."

Advertisement - Article continues below

The release of the report coincides with the launch of the UK National Cyber Security Centre (NCSC) and has been welcomed by the wider tech and security industry.

Rob Norris, director of enterprise cybersecurity in EMEIA at Fujitsu, said: "With the amount of cyber attacks increasing by the day, it is no surprise that one in 10 UK businesses would face a loss of 1 million if hit.

Advertisement - Article continues below

"Attackers will always take the easiest route possible to breach a network so it is vital that organisations across all sectors take the fight to cyber criminals before they can act. While the launch of the [NCSC] in London today is encouraging ... organisations must also take responsibility and be proactive to enable real-time threat reporting and fast solutions before a threat becomes a compromise."

Stephen Love, security practice lead EMEA at IT firm Insight, added: "The fact that a cyber attack could cost one in ten UK businesses 1 million is not at all surprising ... what's potentially more worrying is that the study found one fifth of businesses were not confident that they could return to business as usual within 48 hours of an attack.

"In short, this means they aren't prepared for the inevitable. The industry is consistently warning against the risks of leaving a business unprepared and unprotected, yet BAE's research shows that a large portion of the UK's corporate landscape aren't adhering."

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now



University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Careers & training

IBM job ad calls for 12-years of experience with six-year-old Kubernetes

13 Jul 2020
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020