The average cost of the most severe online security breaches for big business now starts at £1.46m – up from £600,000 in 2014, according to Government research published to raise awareness of the growing cyber threat.
The Information Security Breaches Survey 2015, published by Digital Economy Minister Ed Vaizey and launched at the Infosecurity Europe event, shows the rising costs of malicious software attacks and staff-related breaches and illustrates the need for companies to take action.
For small and medium-sized businesses (SMEs), the most severe breaches cost can now reach as high as £310,800, up from £115,000 in 2014, according to the research.
The survey shows:
- 90% of large organisations reported they had suffered an information security breach, while 74% of SMEs reported the same
- For companies with more than 500 employees the average cost of the most severe breach is now between £1.46m and £3.14m
- For SMEs, the average cost of the worst breach is between £75,000 and £310,800
- Attacks from outsiders have become a greater threat for both small and large businesses
- 75% of large businesses and 30% of small business suffered staff-related breaches
However, more firms are taking action to tackle the cyber threat, with a third of organisations now using the Government’s “Ten Steps to Cyber Security” guidance, up from a quarter in 2014.
And nearly half (49%) of all organisations have achieved a “Cyber Essentials” badge to protect themselves from common internet threats, or plan to get one in the next year.
Digital Economy Minister Ed Vaizey commented: “The UK’s digital economy is strong and growing, which is why British businesses remain an attractive target for cyber-attack and the cost is rising dramatically. Businesses that take this threat seriously are not only protecting themselves and their customers’ data but securing a competitive advantage.
“I would urge businesses of all sizes to make use of the help and guidance available from Government and take up the Cyber Essentials Scheme.”
There is a raft of free guidance available from Government to help businesses secure themselves against costly cyber security breaches. Cyber Essentials is a Government-backed and industry-supported scheme to protect businesses of all sizes against the common threats found on the internet.
Andrew Miller, Cyber Security Director at PwC, said: “With nine out of ten respondents reporting a cyber-breach in the past year, every organisation needs to be considering how they defend and deal with the cyber threats they face.
“Breaches are becoming increasingly sophisticated, often involving internal staff to amplify their effect, and the impacts we are seeing are increasingly long-lasting and costly to deal with.”