Accessability Links
Job Search

BCC: 42% of big businesses hit by cyber security attacks

19 May 17 - 4:45PM  | Information Security
BCC: 42% of big businesses hit by cyber security...Cyber security incidents affect every business, and the threat is only increasing as criminals find innovative ways of circumnavigating defences. 

While all organisations are at risk, new research from the British Chambers of Commerce (BCC) indicates that large companies are the most likely to suffer the financial and reputational damage associated with a breach. 

All organisations at risk

BCC figures show that one-fifth of the 1,200 businesses polled said they had fallen victim to a cyber attack within the last 12 months. However, the results were heavily skewed towards big businesses; 42 per cent of enterprises with more than 100 staff reported an incident. 

This compared with just 18 per cent of respondents whose business employed fewer than 100 people. Overall, 21 per cent of those surveyed believed cyber security issues were having a direct impact on organisational growth. 

"Cyber attacks risk companies' finances, confidence and reputation, with victims reporting not only monetary losses but costs from disruption to their business and productivity," said BCC director-general Dr Adam Marshall. 

"While firms of all sizes - from major corporations to one-man operations - fall prey to attacks, our evidence shows that large companies are more likely to experience them."

Responding to an incident

According to the survey, the majority of businesses (63 per cent) turn to an IT service provider to help them recover after a breach, while just two per cent report the matter to the police. Twelve per cent ask their bank or financial provider for help. 

Meanwhile, less than one-quarter of organisations have cyber security accreditations in place, with the figure dropping to just 15 per cent for businesses with between one and four employees. 

The news comes soon after the UK government published a new report into cyber security breaches in the country, which revealed that nearly three-quarters of business leaders feel it is a high-priority issue. 

Nevertheless, only 11 per cent had an incident management plan implemented, while just one-third had a formal policy addressing cyber risks. 

The GDPR looms

Dr Marshall said more businesses are likely to evaluate their cyber defences over the coming months as they prepare for the introduction of the General Data Protection Regulation (GDPR) in May 2018. 

"Firms that don't adopt the appropriate protections leave themselves open to tough penalties," he warned. 

The fines for contravening the GDPR could equal four per cent of revenue or €20 million (£17.2 million), whichever is higher. 

The Information Commissioner's Office has already announced that it will be hiring 200 new staff in order to help businesses comply with the regulation. 

Do organisations need more help?

Dr Marshall believes organisations should receive more guidance from police and the government on how to respond when breaches occur. 

His comments take on new relevancy in the wake of the international WannaCry ransomware attack that struck a number of high-profile names, including the UK's NHS. 

The government's Cyber Security Breaches Survey found that just four per cent of organisations have sought information from public sector agencies regarding attacks on their systems, indicating awareness remains a problem. 

"Accreditations can help businesses assess their own IT infrastructure, defend against cyber-security breaches and mitigate the damage caused by an attack," Dr Marshall stated. 

Organisations can also strengthen their defences by recruiting cyber security experts with the right skills and experience to tackle increasingly sophisticated threats. 

Our 2017 Market Report combines our review of the prevailing conditions in the security & resilience recruitment market together with the results of our latest employer survey.

Image: weerapatkiatdumrong via iStockADNFCR-1684-ID-801836062-ADNFCR
Related headlines
Teens set to receive cyber security training to plug skills gap
Teens set to receive cyber security training to plug skills gap
16-08-2017 Skills shortages have been a common topic in the cybersecurity world over the last few years. We recently covered the...
Accenture unveils digital and cyber security hiring spree
Accenture unveils digital and cyber security hiring spree
04-08-2017 Accenture has significantly strengthened its UK workforce, with the consultancy recruiting approximately 1,700 new staff...
How big is the UK's cyber security skills gap?
How big is the UK's cyber security skills gap?
31-07-2017 It will hardly come as a surprise to many of our readers that the UK is suffering from a cyber security skills shortage....


Search More News
Open the calendar popup.
Open the calendar popup.

News Archive
August, 2017 (6)
July, 2017 (7)
June, 2017 (5)
May, 2017 (8)
April, 2017 (6)
March, 2017 (8)
February, 2017 (8)
January, 2017 (5)
December, 2016 (4)
November, 2016 (5)
October, 2016 (5)
September, 2016 (5)
August, 2016 (4)
July, 2016 (5)
June, 2016 (5)
May, 2016 (3)
April, 2016 (5)
March, 2016 (4)
February, 2016 (9)
January, 2016 (7)
December, 2015 (8)
November, 2015 (5)
October, 2015 (5)
September, 2015 (5)
August, 2015 (1)
July, 2015 (4)
June, 2015 (7)
May, 2015 (7)
April, 2015 (7)
March, 2015 (10)
February, 2015 (11)
January, 2015 (2)
December, 2014 (21)
November, 2014 (25)
October, 2014 (23)
September, 2014 (25)
August, 2014 (20)
July, 2014 (23)
June, 2014 (33)
May, 2014 (34)
April, 2014 (34)
March, 2014 (34)
February, 2014 (34)
January, 2014 (36)
December, 2013 (33)
November, 2013 (34)
October, 2013 (34)
September, 2013 (34)
August, 2013 (34)
July, 2013 (33)
June, 2013 (34)
May, 2013 (30)
April, 2013 (37)
March, 2013 (38)
February, 2013 (30)
January, 2013 (34)
December, 2012 (28)
November, 2012 (37)
October, 2012 (15)
March, 2012 (31)
February, 2012 (25)
February, 2011 (59)
January, 2011 (58)
December, 2010 (61)
November, 2010 (40)
October, 2010 (40)
September, 2010 (59)
August, 2010 (39)
July, 2010 (40)
June, 2010 (38)
May, 2010 (38)
April, 2010 (38)
March, 2010 (38)
February, 2010 (40)
January, 2010 (41)
December, 2009 (40)
November, 2009 (39)
October, 2009 (42)
September, 2009 (37)
August, 2009 (38)
July, 2009 (39)
June, 2009 (41)
May, 2009 (37)
April, 2009 (40)
March, 2009 (51)
February, 2009 (50)
January, 2009 (48)
December, 2008 (50)
November, 2008 (54)
October, 2008 (50)
September, 2008 (58)
August, 2008 (60)
July, 2008 (15)
 
Alex JozsaIT Audit
London
Andrew WhyteManager, Interim Solutions, Internal Audit
London
Daniel ClosePresident
New York
David HornsbyDirector, Banking & FS Internal Audit
London
David JarroldRegional Internal Audit, Risk & Control
London
Erin LeaderVP – Business Internal Audit
New York
Gabriel MooreConsultant
London
Gareth CarpenterRegional Director – Americas
New York
Hannah RussellAudit
London
Irma BoulderstoneBanking & FS Internal Audit
London
Russell BunkerAudit, Info Security & Technology Risk
Singapore
Steven DriverInternal Audit, Risk & Control
London
Tim SandwellDirector, Europe & Middle East
London
Vickie ChanAssociate – Internal Audit
New York
William WilcoxVice President
New York