Save content
Have you found this content useful? Use the button above to save it to your profile.
Information Security Breaches Survey 2014

Cyber attacks fall, but costs rise

by
30th Apr 2014
Save content
Have you found this content useful? Use the button above to save it to your profile.

The average cost of information security breaches affecting UK businesses has almost doubled in the past year, even though there has been a slight fall in the number of incidents, according to PwC’s annual survey of information security breaches, which was launched at the Infosec Europe event in London this week.

While cyber attacks have dropped off, the effects of breaches have got worse (see table right).

Information Security Breaches Survey 2014 - summary tableThe average cost of the most serious IT security breach experienced by 1,125 businesses surveyed rose for the third consecutive year, according to the survey, which was commissioned by the Department for Business, Innovation and Skills (BIS).

For small businesses the worst breaches cost between £65,000 and £115,000 on average and for large organisations between £600,000 and £1.15m.

Eighty-one per cent of large organisations suffered a security breach, down from 86% a year ago. Sixty per cent of small businesses reported a breach, down from 64% in 2013.

Seventy per cent of companies that have a poor understanding of security policy experienced staff related breaches, compared to only forty-one per cent in companies where security is well understood, the survey found.

Universities and Science Minister David Willetts said: “These results show that British companies are still under cyber attack. Increasingly those that can manage cyber security risks have a clear competitive advantage.”

Andrew Miller, cyber security director at PwC, said: “Breaches are becoming more sophisticated and their impact more damaging. Given the dynamic nature of the risk, boards need to be reviewing threats and vulnerabilities on a regular basis.”

One issue the BIS, PwC and survey partners including the ICAEW IT Faculty may need to address is how they go about recruiting participants in the survey next year. Members of our sister site UK Business Forums got very suspicious in November when they started receiving emails inviting them to click a link to take part. 

Forum members were concerned that they appeared to have received the emails because they were a member of the PAYE scheme, but email addresses that received the messages had never been provided to any government department.

"If it's not a phishing scam, it deserves top marks for looking like one. Perhaps it's a test to see who would fall for an email that resembles a scam!" commented UK Business Forums moderator David Griffith.

"Because it looks like a scan, I bet the feedback given is very low," added 14Steve14.

Tags:

Replies (0)

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.