June 3, 2015 - The average cost of the most severe online security breaches for big business now starts at £1.46 million – up from £600,000 in 2014, according to government research published yesterday (2 June 2015) to raise awareness of the growing cyber threat.
The Information Security Breaches Survey 2015, published by Digital Economy Minister Ed Vaizey and launched at the Infosecurity Europe event, shows the rising costs of malicious software attacks and staff-related breaches and illustrates the need for companies to take action.
For small and medium sized businesses (SMEs), the most severe breaches cost can now reach as high as £310,800, up from £115,000 in 2014,
However, more firms are taking action to tackle the cyber threat, with a third of organisations now using the government's "Ten Steps to Cyber Security" guidance, up from a quarter in 2014. And nearly half (49%) of all organisations have achieved a "Cyber Essentials" badge to protect themselves from common internet threats, or plan to get one in the next year.
The survey shows:
90% of large organisations reported they had suffered an information security breach, while 74% of small and medium-sized businesses reported the same
for companies with more than 500 employees the average cost of the most severe breach is now between £1.46 million and £3.14 million
for small and medium sized business the average cost of the worst breach is between £75,000 and £310,800
attacks from outsiders have become a greater threat for both small and large businesses
75% of large businesses and 30% of small business suffered staff-related breaches
Digital Economy Minister Ed Vaizey said:
The UK's digital economy is strong and growing, which is why British businesses remain an attractive target for cyber-attack and the cost is rising dramatically. Businesses that take this threat seriously are not only protecting themselves and their customers' data but securing a competitive advantage.
I would urge businesses of all sizes to make use of the help and guidance available from government and take up the Cyber Essentials Scheme.
There is a raft of free guidance available from government to help businesses secure themselves against costly cyber security breaches. Cyber Essentials is a government-backed and industry-supported scheme to protect businesses of all sizes against the common threats found on the internet.
Andrew Miller, Cyber Security Director at PwC, said:
With 9 out of 10 respondents reporting a cyber breach in the past year, every organisation needs to be considering how they defend and deal with the cyber threats they face. Breaches are becoming increasingly sophisticated, often involving internal staff to amplify their effect, and the impacts we are seeing are increasingly long-lasting and costly to deal with.
SC Magazine UK, the information resource for cyber security professionals in the UK and Europe, has also announced the government's Cyber Essentials scheme has won the 'Editor's Choice Award' at the SC Europe Awards at Grosvenor House in London on Tuesday (2 June 2015) evening.
Tony Morbin, SC Magazine Editor-in-Chief, said:
Companies implementing Cyber Essentials can thwart the majority of current cyber attacks, making the programme potentially the biggest single contribution to cutting cyber crime. It is most certainly a worthy winner, as are all the partners across government and industry who have worked together to design, manage and deliver the programme.