UK businesses have lost at least $37 billion in the past 12 months due to cybersecurity breaches and related security incidents, new research has found.
This is according to a report by Grant Thornton, which polled some 500 UK mid-market companies, with half of them reporting losses of up to 10 per cent of their revenue, due to a cyberattack.
Those hit by more severe attacks have lost up to 25 per cent of their revenue.
At the same time, boards remain ignorant to the dangers of hackers and confident in their ability to keep their organisations safe. Almost two thirds have no board member tasked specifically to tackle cybersecurity threats, and the same percentage doesn’t review risks and management, at least not formally.
Training is also an issue, despite cybersecurity experts’ daily pleas that employee education is the best way to tackle these types of threats. A third of polled organisations (36 per cent) have trained their employees in the last 12 months.
James Arthur, partner and head of cyber consulting at Grant Thornton, said boards had a key role to play in ensuring they had an effective cyber strategy in place.
“Putting cyber crime onto the board’s agenda is one of the most effective ways to minimise the chances of a successful attack and reduce the financial impact if a breach occurs. With that in mind, it is worrying that almost two-thirds of the businesses we interviewed do not have a board member responsible for cyber security,” he said.