The United Kingdom’s 2016 Cyber Security Breaches Survey, published released this month, reveals that 65 percent of large business detected a cybersecurity breach or attack in the past year, with a quarter of those affected businesses experiencing a breach at least once per month. (The survey defined “large business” as one with at least 250 employees.)
The average cost of a data breach to a large business was €36,500 (about $41,546), while the most costly breach identified cost €3 million ($3,413,850). More than two-thirds of breaches (68 percent) occurred in the form of viruses, spyware, and malware, while the remaining 32 percent began when an intruder impersonated an employee.
U.K. businesses are hampered in their cyberattack prevention by a lack of understanding of the proper risk-management and risk-detection practices. Just 51 percent of all businesses surveyed tried to identify cybersecurity risks in advance, and while more than nine in 10 large businesses performed these checks, they often fell short of industry standards.
The financial sector spent the most on cybersecurity over the course of the period covered by the survey, followed by communications companies and utilities, real-estate firms, and retail and transportation companies.
The U.K. Department of Culture, Media and Sport conducted the data-breach survey by calling 1,008 British businesses between Nov. 30, 2015, and Feb. 5, 2016. It followed up with 30 in-depth interviews conducted between January and February.