Research from business ISP provider Beaming revealed that the number of businesses in the U.K. that affected by cyberattacks has doubled since 2015. The five-year cybersecurity research stated that 1.5 million businesses (25%) in the U.K. suffered cyberthreats in 2019, compared to 755,000 businesses (13%) in 2015, costing them £87 billion (US$ 108 billion).
The research also highlighted that large-scale businesses were the most affected, with 9 in 10 companies (87%) reporting cyberattacks. Small and Medium Businesses (SMBs) have seen the steepest rise in attacks, compared to 28% of firms hit in 2015, to 62% in 2019.
Other Notable Findings from Beaming’s Study include:
- Over the past five years larger companies were consistently breached at a higher rate than smaller businesses. The risk of becoming a victim increases by more than 60% when a company hires its first employees.
- Although more companies are taking measures against cybercrimes, uptake of these measures remains very low overall. In 2015, 5% of businesses had a cybersecurity policy; that figure is now 9%. In 2015, 30% of businesses had a firewall at the network perimeter; that figure is now 37%. In 2015, 20% of businesses put in place employee training and awareness-raising measures; that figure is now 22%.
- More than a fifth of small (20%), medium (24%) and large companies (36%) now discuss a range of cyberthreats at the board level. The proportion of businesses taking additional steps to mitigate a range of cyber-risks has increased from 16% in 2015 to 37% last year.
- Malware continues to be the biggest concern for business leaders, with 45% of them taking additional measures to combat it (compared to 26% in 2015).
- In 2019, Phishing was the most common form of successful attack on every size of business – with the exception of micro companies, where 1% more fell victim to malware (although in 2018 phishing was also by far the biggest threat to micros too). The proportion of businesses hit by phishing attacks grew by 50% in five years, from 6% in 2015 to 9% in 2019.
- Staff members were responsible – either through malicious intent, neglect, or genuine mistakes – for breaches in more than a third of cases. Business leaders held employees accountable for 37% of breaches in 2015, and 36% in 2019.
- Beaming’s research indicates that almost two-thirds (61%) of U.K. businesses have minimal levels of cybersecurity defenses in place, relying on anti-virus software and basic router protection to keep them safe. 69% of micro businesses and 58% of small companies were in this situation at the start of 2020.
Sonia Blizzard, Managing Director of Beaming, said, “Cybercrime is one of the first fields to embrace automation, allowing hackers to launch increasingly sophisticated attacks with unprecedented scale and frequency. Businesses of all sizes need to think hard about improving the resilience of their IT and communication systems, to minimize the chances of being breached and the potential impact.”
She added: “The threat has grown astronomically over the last five years. What used to be seen as a big-business problem has become a serious concern for every company director, manager, and IT professional out there. Small businesses are now on the front line in the war against cybercrime. But they have not invested in cybersecurity or employee education at the same rate as their larger counterparts, and they are easier targets as a result.”