News Reaction: The UK Cyber Security Breaches Survey 2024 Confirms That Attacks Remain a Significant Threat

Today, the UK Government published its Cyber Breaches Survey for 2024.

This official annual statistic lists the cost and impact of cyber breaches and attacks on businesses, charities, and educational institutions to inform Government policy on cyber security.

The latest report shows that despite progress, cyber threats to UK businesses and charities remain a significant threat, with over half of businesses (50%) and around a third of charities (32%) report having experienced some form of cyber security breach or attack in the last 12 months.

While the survey of around 3,500 businesses, charities, and education institutions found that cyber hygiene among micro businesses is improving and organisations are continuing to invest in cyber security despite economic barriers, some significant challenges remain.

Here, Matt Thomas, SVP of UK Markets at NCC Group, comments:

“With half of businesses encountering cyber breaches and attacks in the last 12 months, this report exposes the scale of the cyber threat landscape we face today. An estimated 7.78 million cyber crimes is not a figure that should be taken lightly.

“Businesses and charities are at risk of phishing scams, viruses, and malware, so it is heartening to see an uptick in the adoption of cyber hygiene practices, with those using up-to-date malware protection up from 76% to 83%. Improvement in cyber hygiene among micro businesses in particular, and qualitative reports that companies are investing in cyber security should be celebrated. Despite the economic challenges that all businesses face, there is long-term value in investing in cyber hygiene now and prioritising prevention before an incident occurs.

“But today’s report is a reminder that challenges remain despite progress. With global supply chain instability continuing, formal procedures are more important than ever. This report has also highlighted a lacking approach to incident response across the board, with only a minority of businesses (22%) having agreed upon, formal processes in place to support following a cyber incident.

“Three-quarters of all businesses have reported cyber security as a high priority among senior management. However, today’s findings show discrepancies between the size of businesses adopting appropriate cyber security measures. 98% of large businesses and 93% of medium businesses have cyber security at the top of their agenda, but small businesses are yet to prioritise mitigating cyber threats in the same way despite being vulnerable.

“There has not been significant improvement in board or senior management engagement on cyber security since 2017. The disconnect between IT or cyber teams and wider staff is being keenly felt within large businesses, suggesting greater collaboration is required across businesses to effectively and holistically combat cyber threats.

“Further education is still needed to support smaller businesses and charities towards a safer cyber future, and this data also demonstrates sectoral differences when it comes to cyber security. Businesses within finance and health, for example, are more likely to make cyber security a higher priority than other businesses, but all must move away from a complacency culture and invest budget into protecting themselves from cyber threats too.”