UK businesses are being dealt a double whammy when it comes to cyber security as an increase in spending on protecting companies is being compounded by the fact that one attack can now cost over £1 million despite the number of attacks decreasing.
A study that was commissioned by the Department for Business, Innovation and Skills showed that companies are having to shell out more money to stop servers from becoming compromised by hackers.
“There has been a significant rise in the cost of individual breaches. The overall cost of security breaches for all type of organisations has increased. 10% of organisations that suffered a breach in the last year were so badly damaged by the attack that they had to change the nature of their business,” stated the report.
Larger organisations saw the average cost of the worst security breach of the year rise from between £450,000 and £850,000 in 2012 to between £600,000 and £1.15 million in 2013. The picture was just as bleak for small firms and showed that the average cost has risen to between £65,000 and £115,000 compared to between £35,000 and £65,000 for the year before.
The research, which was compiled by PwC, showed that UK firms saw five major security breaches every year and that the average smaller firm saw some kind of attack every eight weeks.
It also showed that 70 per cent of companies are still keeping the worst security incidents under wraps and as such the real figures are likely to be a lot higher than those reported here.
“Despite the number of breaches impacting UK business falling slightly in the last year, the number remains high and in many organisations there needs to be more done to drive actual management of security risks,” said Rob MacGregor, cyber security specialist at PwC Scotland, according to The Courier. “As high end breaches become more damaging and sophisticated, boards need to be reviewing threats and vulnerabilities on a regular basis.”
In spite of all this doom and gloom the amount of breaches was actually down compared with a year ago with large organisations admitting to suffering a breach dropping from 86 per cent to 81 per cent and small businesses seeing a decrease from 64 per cent to 60 per cent.