Half of businesses (50 per cent) and around a third of charities (32 per cent) have experienced some form of cyber security breach or attack in the last 12 months.
They’re among the headlines of the latest Cyber Security Breaches Survey, which looks at the state of the UK’s cyber resilience.
Earlier this week vet group CVS revealed it suffered ‘considerable’ disruption after being hit by a cyber attack.
The survey found the likelihood of a cyber attack increased in medium sized businesses (70 per cent), large businesses (74 per cent) and high-income charities with £500,000 or more in annual income (66 per cent).
By far the most common type of breach or attack is phishing, (84 per cent of businesses).
The survey estimates that UK businesses have experienced approximately 7.78 million cyber crimes of all types and approximately 116,000 non-phishing cyber crimes in the last 12 months.
The average annual cost of cyber crime for businesses is estimated at approximately £1,120 per victim but this can rise significantly depending on the scale of the attack.
One leading cyber security expert warned that some organisations were an ‘accident waiting to happen’ because they weren’t protecting themselves adequately.
Richard Staynings, chief security strategist for Cylera, said: “The latest Government’s Cyber Breaches Survey 2024 shows that an alarming 18 per cent more businesses have experienced some form of cyber security breach or attack in the last 12 months compared to last year’s findings.
“Despite this upward trend in attacks, it’s worrying to read that the percentage of organisations taking actions to identify cyber risks within their organisation and supply chain has largely unchanged compared to the year before.
“Still only around three in 10 businesses have undertaken cyber security risk assessments in the last year with again only around a third of businesses deploying security monitoring tools.
“It is concerning how rare it is still for organisations to be reviewing supply chain risk. This is an accident waiting to happen.”
Matt Thomas, head of UK markets at global cybersecurity agency NCC Group, said: “With half of businesses encountering cyber breaches and attacks in the last 12 months, this report exposes the scale of the cyber threat landscape that we face today. An estimated 7.78 million cyber crimes is not a figure that should be taken lightly.
“Three quarters of all businesses have reported cyber security as a high priority among senior management. However, the survey show discrepancies between the size of businesses adopting appropriate cyber security measures.
“98 per cent of large businesses and 93 per cent of medium businesses have cyber security at the top of their agenda, yet small businesses are yet to prioritise mitigating cyber threats in the same way despite being vulnerable.
“There has not been significant improvement in board or senior management engagement on cybersecurity since 2017. The disconnect between IT or cyber teams and wider staff is being keenly felt within large businesses, suggesting greater collaboration is required across businesses to effectively and holistically combat cyber threats.”