Nearly half (46%) of UK firms reported suffering a security breach or cyber-attack over the past year, an increase on previous years, but they are getting better at recovering from and deflecting such blows, according to the government.
The annual Cyber Security Breaches Survey revealed an increase in the overall volume of businesses reporting incidents, up from 32%. The number of medium (68%) and large (75%) businesses reporting breaches or attacks also jumped, from 60% and 61% respectively.
This puts the 2020 report’s findings in line with the first government analysis in 2017, it claimed.
Of those businesses that reported incidents, more are experiencing these at least three times a week than in 2017 (32% versus 22%).
The government also claimed that organizations are experiencing more phishing attacks (from 72% to 86%) whilst fewer are seeing malware (from 33% to 16%) than three years ago.
However, the rise in incidents has been offset by stronger response and resilience, according to the report. Since 2017, the proportion of businesses listing any outcome from an incident has fallen by 19% and the proportion being negatively impacted has fallen by 18%.
Cybersecurity is also becoming more of a board-level issue: 80% of respondents said it’s a high priority for their senior management and 37% said they have board members with a security brief.
However, elsewhere there’s still some way to go: just 32% reported having cyber insurance, half (50%) have conducted audits in the past year, 15% have reviewed supply chain risk and only a quarter (27%) said they’d reported breaches to anyone beyond their IT/security providers.
The latter is particularly concerning given the strict reporting requirements of the GDPR.
Redscan CTO, Mark Nicholls, questioned whether malware is really on the wane, given new variants of fileless threats that are harder to detect, and pointed out another discrepancy in the report’s findings.
“The most concerning thing for me, is the significant number of organizations that have been targeted and aren’t aware of it. While a significant percentage of businesses identify multiple attacks each week, more than half say they haven’t had a single one in 12 months,” he argued.
“Being able to swiftly detect attacks is key to minimizing damage but many organizations still lack the appropriate controls and a deep awareness of what activity to look for.
RSA Security UK & Ireland regional director, Chris Miller, argued that supply chain risk assessments should be carried out through the lens of potential impact on business operations.
“First, you must identify the most important parts of your business and then focus on protecting them. Ask yourself: which data flows in and out of the business? Which suppliers have access to what corporate data? Where is my most critical data and who can access it?” he said.
“By taking this approach, you can align your security protocols so you know how much access to grant to, and how much trust to place, in your suppliers.”