View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 3, 2016

Cyber attacks cost UK businesses up to £1m, according to BAE Systems

New research reveals cyber ignorance putting businesses at risk.

By Ellie Burns

Research has thrown further light on the evolution of cyber security from technical issue to board issue, with the average cost of an attack standing at £330,000. For one in ten UK businesses, according to research by BAE Systems, the cost of cyber attacks are much higher – hitting up to £1 million.

79% of the UK businesses leaders surveyed believe that they have the appropriate security controls in place to defend against cyber attacks. Yet this confidence sits at odds with other findings from the research.

More than half (57%) of those surveyed said they had experienced a cyber attack in the past year, with one in five being in the dark when it came to knowing if their organisation has the right security controls in place. Of further concern is the fact that many of those surveyed who were confident about their defences had not tested their incident response plans for at least six months.

“The research confirms that cyber security is no longer merely a technical issue, but a challenge for the board. Around a fifth of the businesses we talked to said they either didn’t know or weren’t confident that they could return to business as usual within 48 hours of a serious cyber attack,” said Julian Cracknell, Managing Director for UK Services, BAE Systems Applied Intelligence.

“Businesses need to ensure they have the right people, process and tools in place, so when a major incident occurs they are equipped to understand, contain and remediate. If action isn’t taken immediately, the price of cyber ignorance – for the company and the wider economy – could be catastrophic.”

UK's National Cyber Security Centre

National Cyber Security Centre (NCSC)

The research findings could not have come at a more apt time, coming a few days after the announcement of a new security HQ in the heart of London. The National Cyber Security Centre, which will be located close to Victoria station in the capital, will be the front line in Britain’s fight against the soaring number of cyber attacks.

“With the amount of cyber attacks increasing by the day, it is no surprise that one in 10 UK businesses would face a loss of £1m if hit by an attack. Criminals seek data and intellectual property to sell, and companies have it – it’s as simple as that,” said Rob Norris, Director of Enterprise & Cyber Security in EMEIA at Fujitsu.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

“Attackers will always take the easiest route possible to breach a network so it is vital that organisations across all sectors take the fight to cyber criminals before they can act. While the launch of the new national cyber security centre (NCSC) in London is encouraging, as it aims to ensure the online safety of citizens, businesses and the government, organisations must also take responsibility and be proactive to enable real-time threat reporting and fast solutions before a threat becomes a compromise.

“This should sit alongside a clear and well-rehearsed incident management plan, addressing internal and external communication in addition to containment and recovery activities.”

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.