70% of businesses have suffered a cyber security breach in the last year

New Government statistics have revealed half of UK businesses suffered a cyber security breach or attack in the last 12 months; rising to two-thirds among medium sized businesses (66%) and large businesses (68%.)

In fact, the ‘Cyber Security Breaches Survey, 2017’ has claimed nearly 7 in 10 businesses have identified a breach on some level. Firms holding personal data are more likely to face an attack (51%); compared to 37% of business who do not hold personal data.

Rebootonline.com sought to discover what the most common attacks experienced by businesses are. Fraudulent emails (72%) was the highest, followed by viruses, spyware and malware (33%.) A further quarter suffered temporary loss of files, whilst one fifth had software or systems corrupted. 1 in 10 lost access to third party systems they rely on, and 1 in 10 had their website taken down or significantly slowed.

Subsequently, three in five (58%) businesses have sought information, advice or guidance on the cyber security threats facing their organisations over the past year.

Ciaran Martin, CEO of the National Cyber Security Centre adds: “Most successful cyber-attacks are not that sophisticated, but can cause serious commercial damage. By getting the basic defences right, businesses of every size can protect their reputation, finances and operating capabilities.”

Per research carried out by PwC, 76% of UK CEO’s believe cyber risks to be a significant threat to business in 2017. Consequently, 97% of British CEO’s are currently addressing possible cyber breaches in their organisation; far higher than the global average figure of 90%.

The findings – based on a research sample of 1,379 global leaders, including 126 UK CEO’s – show UK leaders are significantly more concerned about cyber threats than many of their global peers (UK 76%; global 61%) who do not consider cyber security breaches to be a heightened threat to business.

Richard Home, UK cyber security partner at PwC comments: “Most business boards now recognise that cyber security is a complex risk that requires their attention. The most successful leaders will be those who define a comprehensive, broad approach to governing cyber security.”

Reboot Online Marketing looked to analyse exactly how much each UK industry is willing to spend on their cyber security measurements.

Over the past year, 67% of businesses have spent money on cyber security; which tends to be far higher among medium firms (87%) and large firms (91%.) Furthermore, the government has committed to investing £1.9billion to protect nation from cyber-attacks.

Sectors such as information, communications and utilities are spending the most on cyber security protection at a cost of £19,500. Finance and insurance come second with an investment of £9,650. At the end of the spectrum is hospitality and food, with a spend of just £620.

Interesting to note, that education, health and social care – has the 2nd lowest spend for cyber security (£1,810), which is concerning considering this industry is data heavy and must do more to safeguard personal data.

Reboot Online also considered the main reasons businesses choose to invest in cyber security, by selecting the top 10 responses made by 930 businesses across the UK.

Understandably, it seems businesses are most concerned with the protection of customer data (51%) and the loss of high-value assets, such as trade secrets, intellectual property and cash (28%.) The prevention of fraud or theft (17%) and the protection of reputation or brand (10%) were comparatively lower.

Areas of least concern were complying with laws and regulations (7%), the protection of staff and systems (4%) and improving overall efficiency of the business (4%), indicating a definite disparity between business factors and how much each means to – or may cost – a company to rectify.


GDPR Summit Series is a global series of GDPR events which will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.

Further information and conference details are available at http://www.gdprsummit.london/