One in five UK businesses suffered a cyber attack in the past year

One in five businesses have fallen victim to cyber attacks in the past year, according to the British Chambers of Commerce (BCC).

The survey of more than 1,200 businesses across the UK found that 20% had been hit by a cyber-attack in the last 12 months. Big businesses are far more likely than their smaller counterparts to be victims of attacks (42% of companies with more than 100 staff, compared to 18% of companies with fewer than 99 employees).

“It is interesting that only one in five businesses have said that they have been hit by a cyber attack, and begs the question of whether they actually understand what a cyber-attack looks like? Phishing attacks for example hit every business, large or small, and are a primary method of attack to compromise a network, yet if a business doesn’t classify it as a cyber attack then it will go under the radar and play down the serious and volatile landscape all businesses now reside in,” said Mark Stollery, Managing Consultant, Enterprise and Cyber Security, UK and Ireland at Fujitsu.

The results indicate that businesses are most reliant on IT providers (63%) to resolve issues after an attack, compared to banks and financial institutions (12%) or police and law enforcement (2%).

The findings show that 21% of businesses believe the threat of cybercrime is preventing their company from growing.

“Part of the problem is the lack of awareness that businesses have when it comes to their data. The vast majority of business don’t know what their critical data is, where it’s stored and who has access to it. This combined with a mix and match approach to security technologies has resulted in a patchwork of solutions being deployed that fail to fully protect an organisation from attack,” said John Madelin, CEO at Reliance ACSN.

The survey also shows:

• Only a quarter (24%) of businesses have cyber security accreditations in place
• Smaller businesses are far less likely to have accreditation (10% of sole traders and 15% of those with 1-4 employees) than big businesses (47% with more than 100 employees).
• Of the businesses that do have accreditations, half (49%) believe it gives their business a competitive advantage over rival companies, and a third (33%) consider it important in creating a more secure environment when trading with other businesses

“Support for open source standards like STIX and TAXII need to sit at the core of the fight for true threat intelligence. These help re-align IT security efforts based on real-time information exchanges between government, commercial suppliers, non-profit efforts and industry partners. These standards should be embedded in any UK business to drive a culture of openness and sharing, giving the good guys a far stronger chance in triumphing over the bad,” said Joep Gommers, CEO at EclecticIQ.