Cyber attacks are costing UK businesses up to £1m

Companies voice concern over time to recover following an incident

Over half of UK businesses have suffered a cyber attack over the course of the past year, with the average cost of each incident coming in at a minimum of 330,000.

The figures form part of a new report by BAE Systems, which surveyed 100 business leaders from private sector firms with more than 1,000 employees. In addition to the 57% attack rate, 20% of those interviewed said they either didn't know or weren't confident that they could achieve 'business as usual' within 48 hours of an incident occurring. 

The research also found that, while the minimum cost to a business of this size and type may be a substantial 330,000, 10% of those interviewed said a breach could cost them an eyewatering 1 million.

Julian Cracknell, MD for UK services at BAE Systems Applied Intelligence, said: "The research confirms that cybersecurity is no longer a technical issue, but a challenge for the board.

Advertisement - Article continues below

"Businesses need to ensure they have the right people, processes and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate. If action isn't taken immediately, the price of cyber ignorance for the company and the wider economy could be severe."

The release of the report coincides with the launch of the UK National Cyber Security Centre (NCSC) and has been welcomed by the wider tech and security industry.

Rob Norris, director of enterprise cybersecurity in EMEIA at Fujitsu, said: "With the amount of cyber attacks increasing by the day, it is no surprise that one in 10 UK businesses would face a loss of 1 million if hit.

"Attackers will always take the easiest route possible to breach a network so it is vital that organisations across all sectors take the fight to cyber criminals before they can act. While the launch of the [NCSC] in London today is encouraging ... organisations must also take responsibility and be proactive to enable real-time threat reporting and fast solutions before a threat becomes a compromise."

Stephen Love, security practice lead EMEA at IT firm Insight, added: "The fact that a cyber attack could cost one in ten UK businesses 1 million is not at all surprising ... what's potentially more worrying is that the study found one fifth of businesses were not confident that they could return to business as usual within 48 hours of an attack.

"In short, this means they aren't prepared for the inevitable. The industry is consistently warning against the risks of leaving a business unprepared and unprotected, yet BAE's research shows that a large portion of the UK's corporate landscape aren't adhering."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now



Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019

Five signs that it’s time to retire IT kit

29 Nov 2019

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019