Home » Topics » Cybersecurity » Half of UK enterprises are ignoring our cyber security advice, says government

Half of UK enterprises are ignoring our cyber security advice, says government

Avatar photoby Ben Rossi

Two thirds of large businesses in the UK experienced a cyber breach or attack in the past year, according to new government research.

The government said some of the breaches caused millions of pounds in damages, but the most common attacks – involving viruses, spyware or malware – could have been detected using its Cyber Essentials scheme.

The survey found that while one in four large firms experiencing a breach did so at least once a month, only half have taken its recommended actions to identify and address vulnerabilities.

Even fewer, about a third of all firms, had formal written cyber security policies and only 10% had an incident management plan in place.

Ed Vaizey, minister for the digital economy, said companies can do more to protect their data.

“Too many firms are losing money, data and consumer confidence with the vast number of cyber attacks,” he said. “It’s absolutely crucial businesses are secure and can protect data. As a minimum, companies should take action by adopting the Cyber Essentials scheme which will help them protect themselves.”

>See also: Top 10 most devastating cyber hacks

Results from the survey were released alongside the government’s new Cyber Governance Health Check, launched in response to a cyber attack on TalkTalk in October 2015 that saw personal details of up to 4 million customers accessed.

Almost half of FTSE 350 businesses regard cyber attacks as the biggest threat to their business when compared with other key risks – up from 29% in 2014 – according to the survey.  

It also found that only a third of FTSE 350 businesses understand the threat of a cyber attack, and just one in five companies have a clear view of the dangers of sharing information with third parties.

Many firms are, however, getting better at managing cyber risks, with almost two thirds now setting out their approach to cyber security in their annual report.

The government has pledged to invest £1.9 billion in tackling cybercrime over the next five years and has encouraged all businesses to take action.

Its ‘10 Steps to Cyber Security’ provides advice to large businesses, while the Cyber Essentials scheme is available to all UK firms. The government is also creating a National Cyber Security Centre that gives businesses a ‘one-stop-shop’ for cyber security support.

A new national cyber security strategy will be published later in 2016 setting out the government's plans to improve cyber security for the public sector, private sector and consumers.   

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Data
Government & Politics

Related Stories

Cybersecurity

Can NIS2 and DORA improve firms’ cybersecurity?

Daniel Lattimer, Area VP at Semperis, explores NIS2 and DORA to see how they compare to more prescriptive compliance models

Cybersecurity

How AI will shift the security landscape in 2024

The impact of AI within cybersecurity is expected to grow significantly this year, says Alex Holland, senior malware analyst at HP

AI & Machine Learning

NCSC releases guidelines for secure AI development

New guidance from the National Cyber Security Centre (NCSC) aims to help businesses securely innovate with AI and minimise risks

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.