Cyber attacks are costing UK businesses up to £1m
Companies voice concern over time to recover following an incident
Over half of UK businesses have suffered a cyber attack over the course of the past year, with the average cost of each incident coming in at a minimum of 330,000.
The figures form part of a new report by BAE Systems, which surveyed 100 business leaders from private sector firms with more than 1,000 employees. In addition to the 57% attack rate, 20% of those interviewed said they either didn't know or weren't confident that they could achieve 'business as usual' within 48 hours of an incident occurring.
The research also found that, while the minimum cost to a business of this size and type may be a substantial 330,000, 10% of those interviewed said a breach could cost them an eyewatering 1 million.
Julian Cracknell, MD for UK services at BAE Systems Applied Intelligence, said: "The research confirms that cybersecurity is no longer a technical issue, but a challenge for the board.
"Businesses need to ensure they have the right people, processes and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate. If action isn't taken immediately, the price of cyber ignorance for the company and the wider economy could be severe."
The release of the report coincides with the launch of the UK National Cyber Security Centre (NCSC) and has been welcomed by the wider tech and security industry.
Rob Norris, director of enterprise cybersecurity in EMEIA at Fujitsu, said: "With the amount of cyber attacks increasing by the day, it is no surprise that one in 10 UK businesses would face a loss of 1 million if hit.
"Attackers will always take the easiest route possible to breach a network so it is vital that organisations across all sectors take the fight to cyber criminals before they can act. While the launch of the [NCSC] in London today is encouraging ... organisations must also take responsibility and be proactive to enable real-time threat reporting and fast solutions before a threat becomes a compromise."
Stephen Love, security practice lead EMEA at IT firm Insight, added: "The fact that a cyber attack could cost one in ten UK businesses 1 million is not at all surprising ... what's potentially more worrying is that the study found one fifth of businesses were not confident that they could return to business as usual within 48 hours of an attack.
"In short, this means they aren't prepared for the inevitable. The industry is consistently warning against the risks of leaving a business unprepared and unprotected, yet BAE's research shows that a large portion of the UK's corporate landscape aren't adhering."
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now