Cyber attacks are costing UK businesses up to £1m

Companies voice concern over time to recover following an incident

Over half of UK businesses have suffered a cyber attack over the course of the past year, with the average cost of each incident coming in at a minimum of 330,000.

The figures form part of a new report by BAE Systems, which surveyed 100 business leaders from private sector firms with more than 1,000 employees. In addition to the 57% attack rate, 20% of those interviewed said they either didn't know or weren't confident that they could achieve 'business as usual' within 48 hours of an incident occurring. 

The research also found that, while the minimum cost to a business of this size and type may be a substantial 330,000, 10% of those interviewed said a breach could cost them an eyewatering 1 million.

Julian Cracknell, MD for UK services at BAE Systems Applied Intelligence, said: "The research confirms that cybersecurity is no longer a technical issue, but a challenge for the board.

Advertisement - Article continues below
Advertisement - Article continues below

"Businesses need to ensure they have the right people, processes and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate. If action isn't taken immediately, the price of cyber ignorance for the company and the wider economy could be severe."

The release of the report coincides with the launch of the UK National Cyber Security Centre (NCSC) and has been welcomed by the wider tech and security industry.

Rob Norris, director of enterprise cybersecurity in EMEIA at Fujitsu, said: "With the amount of cyber attacks increasing by the day, it is no surprise that one in 10 UK businesses would face a loss of 1 million if hit.

"Attackers will always take the easiest route possible to breach a network so it is vital that organisations across all sectors take the fight to cyber criminals before they can act. While the launch of the [NCSC] in London today is encouraging ... organisations must also take responsibility and be proactive to enable real-time threat reporting and fast solutions before a threat becomes a compromise."

Stephen Love, security practice lead EMEA at IT firm Insight, added: "The fact that a cyber attack could cost one in ten UK businesses 1 million is not at all surprising ... what's potentially more worrying is that the study found one fifth of businesses were not confident that they could return to business as usual within 48 hours of an attack.

"In short, this means they aren't prepared for the inevitable. The industry is consistently warning against the risks of leaving a business unprepared and unprotected, yet BAE's research shows that a large portion of the UK's corporate landscape aren't adhering."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020