web analytics

Cyber security breaches survey 2023

Identification of cyber security breaches and attacks

Cyber security breaches and attacks remain a common threat. However, smaller organisations are identifying them less than last year. This may reflect that senior managers in smaller organisations view cyber security as less of a priority in the current economic climate than in previous years, so are undertaking less monitoring and logging of breaches or attacks.

  • 32% of businesses and 24% of charities overall recall any breaches or attacks from the last 12 months. This is much higher for medium businesses (59%), large businesses (69%) and high-income charities with £500,000 or more in annual income (56%).
  • This is a decrease from 39% of businesses and 30% of charities in 2022. The drop is driven by smaller organisations – the results for medium and large businesses, and high-income charities, remain at similar levels to last year.
  • Among those identifying any breaches or attacks, we estimate that the single most disruptive breach from the last 12 months cost each business, of any size, an average of approximately £1,100. For medium and large businesses, this was approximately £4,960. For charities, it was approximately £530.
  • The proportion of micro businesses saying cyber security is a high priority has decreased from 80% in 2022 to 68% this year. Qualitative evidence suggests that cyber security has dropped down the priority lists for these smaller organisations, relative to wider economic concerns like inflation and uncertainty.

Cyber hygiene

The most common cyber threats are relatively unsophisticated, so government guidance advises businesses and charities to protect themselves using a set of “cyber hygiene” measures. A majority of businesses and charities have a broad range of these measures in place. The most common are updated malware protection, cloud back-ups, passwords, restricted admin rights and network firewalls – each administered by two-thirds or more of businesses and half or more charities. However, across the last three waves of the survey, some areas of cyber hygiene have seen consistent declines among businesses. This includes:

  • use of password policies (79% in 2021, vs. 70% in 2023)
  • use of network firewalls (78% in 2021 vs. 66% in 2023)
  • restricting admin rights (75% in 2021, vs. 67% in 2023)
  • policies to apply software security updates within 14 days (43% in 2021, vs. 31% in 2023).

These trends mainly reflect shifts in the micro business population and, to a lesser extent, small and medium businesses – large business results have not changed.

Risk management and supply chains

A larger proportion of businesses take actions to identify cyber risks than charities. Larger businesses are the most advanced in this regard. For the first time, the majority of large businesses are reviewing supply chain risks, although this is still relatively rare across organisations overall.

  • Three in ten businesses have undertaken cyber security risk assessments (29%, vs. 27% of charities) in the last year – rising to 51% of medium businesses and 63% of large businesses.
  • A similar proportion of businesses deployed security monitoring tools (30%, vs. 19% of charities) – rising to 53% of medium businesses and 72% of large businesses.
  • Under four in ten businesses (37%) and a third of charities (33%) report being insured against cyber security risks – rising to 63% of medium businesses and 55% of large businesses (i.e. cyber insurance is more common in medium businesses than large ones).
  • Just over one in ten businesses say they review the risks posed by their immediate suppliers (13%, vs. 11% of charities). More medium businesses (27%) and large businesses (55%) review immediate supplier risks. The latter result is up from 44% of large businesses in 2022.
  • Qualitative data suggests that receiving messaging around supply chain risks from bodies such as the National Cyber Security Centre (NCSC), or having the topic raised in audits, helps encourage organisations to take action in this area.

Board engagement and corporate governance

Board engagement and corporate governance approaches towards cyber security tend to be more sophisticated in larger organisations, although corporate reporting of cyber risks remains relatively uncommon, even among large businesses.

  • Three in ten businesses (30%) and charities (31%) have board members or trustees explicitly responsible for cyber security as part of their job role – rising to 41% of medium businesses and 53% of large businesses.
  • 21% of medium businesses and 30% of large businesses have heard of the NCSC’s Board Toolkit (https://www.ncsc.gov.uk/collection/board-toolkit) – rising from 11% and 22% respectively in 2020 (when it was introduced).
  • 49% of medium businesses, 68% of large businesses and 36% of high-income charities have a formal cyber security strategy in place. Qualitative data suggests the impetus to develop strategies can come from management board pressure, audits and business acquisition. It can also coincide with cyber teams gaining operational independence, for example from IT departments.
  • In the last year, 16% of corporate annual reports across medium businesses covered cyber risks, rising to 33% of the reports published by large businesses. Across charities (of all income groups), 9% of these reports covered cyber risks.
  • Qualitative data shows a similar set of issues to previous years that prevent boards from engaging more in cyber security, including a lack of knowledge, training and time. It also highlights the importance of people in cyber roles being able to write persuasive business cases for cyber security spending, especially when they report directly to finance leads.
Cyber-Security-Breaches-Survey-2023Download
LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Joas Antonio
Guide for Multi-Cloud Read Team AWS – GCP – AZURE by Joas Antonio
Guide for Multi-Cloud Read Team...
CISO2CISO Notepad Series
The sqreen DevSecOps Security Checklist
The sqreen DevSecOps Security Checklist
HADESS
DevSecOps Guides – Comprehensive resource for integrating security into the software development by HADESS
DevSecOps Guides – Comprehensive resource...
Splunk
81 Siem Very important Use Cases for your SOC by SPLUNK
81 Siem Very important Use...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
RedHat
State of Kubernetes Security Report 2022 by RedHat
State of Kubernetes Security Report...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...
Forrester - Allie Mellen
Adapt Or Die: XDR Is On A Collision Course With SIEM And SOAR – EDR Is Dead, Long Live XDR by Allie Mellen – Forrester
Adapt Or Die: XDR Is...
CYBER LEADERSHIP INTITUTE
CISO PLAYBOOK: FIRST 100 DAYS Setting the CISO up for success
CISO PLAYBOOK: FIRST 100 DAYS...

LASTEST PUBLISHED POSTS

O push
Preview SaaS Attacks Report
Preview SaaS Attacks Report
Australian Government
Essential Eight Maturity Model Nov 2023
Essential Eight Maturity Model Nov...
HEIDRICK & STRUGGLES
2023 Global Chief Information Security Officer Survey
2023 Global Chief Information Security...
Verizon
DBIR2023 Data BreachInvestigations Report
DBIR2023 Data BreachInvestigations Report
comunidad.thehackerway.es thehackerway.es
15 Scripts NSE Disponibles en Nmap
15 Scripts NSE Disponibles en...
InstaSafe
8 TACKLINGCHALLENGESIN CYBERTHREATINTELLIGENCE
8 TACKLINGCHALLENGESIN CYBERTHREATINTELLIGENCE
whitepaper
7 STEPS TO IMPROVEOT CYBERSECURITYHow to secure access to your OT environment
7 STEPS TO IMPROVEOT CYBERSECURITYHow...
ANDY BROWN & HELMUTH LUDWIG
Cybersecurity: Seven Steps for Boards of Directors
Cybersecurity: Seven Steps for Boards...
Lumiverse Solutions
5G The Next Generation of Cyber Security Risks
5G The Next Generation of...
Wiley Brand for Dummies
Securing APIs for Dummies by Noname Security
Securing APIs for Dummies by...
Sally
The role of Intelligence in Cybersecurity
The role of Intelligence in...
AKITRA
The Most Common Cyber Threats That Businesses Are Facing in 2023
The Most Common Cyber Threats...

More Latest Published Posts

FORTINET
2023 State of Operational Technology and Cybersecurity Report
2023 State of Operational Technology and Cybersecurity Report
Governor Kathy Hochul
NEW YORK STATE CYBERSECURITY STRATEGY AUGUST 2023
NEW YORK STATE CYBERSECURITY STRATEGY AUGUST 2023
Simulated PhishingEducationalCampaign Guide
Simulated PhishingEducationalCampaign Guide
LUMU
Decision Making in Cybersecurity
Decision Making in Cybersecurity
HADESS
DevSecOps Checklists
DevSecOps Checklists
ENISA-EUROPA
DIGITAL IDENTITY STANDARDS
DIGITAL IDENTITY STANDARDS
Lawrence Miller for Dummies
Data Leakage FOR DUMMIES
Data Leakage FOR DUMMIES
DNS Incident Response
DNS Incident Response
DNS Incident Response
REMORA
EMAIL, YOUR CYBER SECURITY FRONTLINE
EMAIL, YOUR CYBER SECURITY FRONTLINE
ICS Security Engineer
Industrial Control Systems: Engineering Foundations and Cyber-Physical Attack Lifecycle
Industrial Control Systems: Engineering Foundations and Cyber-Physical Attack Lifecycle
CDPSE
ESTABLISHING CYBER THREAT INTELLIGENCE
ESTABLISHING CYBER THREAT INTELLIGENCE
Poder Ejecutivo Nacional
ESTRATEGIA NACIONAL DE CIBERSEGURIDAD DE LA REPÚBLICA ARGENTINA
ESTRATEGIA NACIONAL DE CIBERSEGURIDAD DE LA REPÚBLICA ARGENTINA
SEPIO
TEST RESULTSON SOME ATTACKS LEVERAGING ROGUE DEVICES SUCH AS POPULAR HACKING AND PEN-TEST TOOLS
TEST RESULTSON SOME ATTACKS LEVERAGING ROGUE DEVICES SUCH AS POPULAR HACKING AND PEN-TEST TOOLS
CSC 2.0
Full Steam Ahead: Enhancing Maritime Cybersecurity
Full Steam Ahead: Enhancing Maritime Cybersecurity
CR Security Planner
Future of Memory Safety
Future of Memory Safety
Data Protection Commission
GDPR CASE STUDIES
GDPR CASE STUDIES
GDPR compliance
GDPR Compliance Project Initiation Document
GDPR Compliance Project Initiation Document
Congressional Research Service
Generative Artificial Intelligence and Data Privacy: A Primer
Generative Artificial Intelligence and Data Privacy: A Primer
OWASP
Go Language Guide
Go Language Guide
Akamai Guardicore
MITIGACIÓN DE RIESGOS, PREVENCIÓN Y NEUTRALIZACIÓN DE LAS INTRUSIONES
MITIGACIÓN DE RIESGOS, PREVENCIÓN Y NEUTRALIZACIÓN DE LAS INTRUSIONES
CCN Español
Guía de configuración segura para AWS
Guía de configuración segura para AWS
isms Forum
Guía de iniciación en la Seguridad aplicada al DevOps
Guía de iniciación en la Seguridad aplicada al DevOps
ANSI
CHARTE D’UTILISATION DES MOYENS INFORMATIQUES ET DES OUTILS NUMÉRIQUES
CHARTE D’UTILISATION DES MOYENS INFORMATIQUES ET DES OUTILS NUMÉRIQUES
Ministerio del Interior España
GUIDE ON SECURITY CONTROLS IN OT SYSTEMS
GUIDE ON SECURITY CONTROLS IN OT SYSTEMS
CertiKit
A 10 step guide to implementing an ISO 27001 Information Security Management System (ISMS)
A 10 step guide to implementing an ISO 27001 Information Security Management System (ISMS)
Interpol
GUIDELINES FOR DIGITAL FORENSICS FIRST RESPONDERS
GUIDELINES FOR DIGITAL FORENSICS FIRST RESPONDERS
CERTIN
Guidelines for Secure Application Design, Development, Implementation & Operations
Guidelines for Secure Application Design, Development, Implementation & Operations
Hacking with Go
Hacking with Go