Recently, a cyber security breaches survey report claimed that cyber attacks and cyber breaches have declined in the past year due to strict regulations like the GDPR. However, businesses that suffered cyber breaches or attacks were hit often. 32% of companies and 22% of charities identified a cyber breach in the past year, which is less in comparison to the previous year. However, around half of those 32% companies were attacked almost monthly.
What is the Cyber Security Breaches Survey?
The survey is a qualitative and quantitative survey of charities and businesses based in the UK. The quantitative element was conducted in 2018, while the qualitative survey was conducted earlier this year. The survey helps government frame its policies in relation to the cyber security threats. Further, it helps companies and charities understand the significance of cyber attacks and how they can maintain cyber security.
According to the survey report, 32% of the businesses required new measures to prevent cyber breaches or attacks in the future. 27% of the businesses took up staff time to deal with cyber breaches.
These are concerning numbers. In UK, as per this report, 30% of businesses and 36% of charities made changes to their cyber security policies to conform to the GDPR. In addition to this, over 15% of businesses conducted extra staff training, while 11% changed system or firewall configurations. The report revealed that 31% of businesses did a cyber risk assessment in the last 12 months.
Why are only 32% of businesses identifying cyber breaches?
The report notes that businesses are becoming more and more cyber-secure now in comparison to last year, because of cyber attacks. This has led to fewer attacks overcoming their systems and fewer businesses recording cyber breaches. Another possible explanation given by the report is the “change in cyber criminal’s behavior.” Now, attackers are focusing more on a limited range of businesses, which is why the businesses that were hit were affected by cyber breaches or attacks more frequently.
These findings call for strict cyber security and frequent cyber risk assessments by companies, especially those which engage with their customers through internet. Further, proper training and communication must with done with staff to prevent cyber attacks.