What you need to know about the latest Cyber Security Breaches Survey 2021


Tackling cyber-crime continues to be a priority for the government, which has published findings from the sixth Cyber Security Breaches Survey alongside the biggest refresh of its Cyber Essentials scheme since its launch.

Below, we’ve highlighted key statistics from the report:

1. Four in ten businesses (39%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months.


2. As in previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%).


3. Among the 39 per cent of businesses that identify breaches or attacks, one in five (21%) experience a negative outcome such as losing money, data or other assets.


4. Where businesses have faced breaches with material outcomes, the average (mean) cost of all the cyber security breaches these businesses have experienced in the past 12 months is estimated to be £8,460. This figure rises to £13,400 for medium and large firms.


5. Over four in ten businesses (43%) and three in ten charities (29%) report being insured against cyber risks in some way; however, this is more likely to be as part of a wider insurance policy.


Government resources

As we see insurers becoming more diligent on the risks they’re prepared to take, there are measures you can take to assist your clients in securing coverage. For example, further support is available from the government through its Cyber Essentials scheme, which enables organisations to be independently certified for having met a good-practice standard in cyber security. Specifically, it requires them to enact basic technical controls across five areas:

  • boundary firewalls and internet gateways
  • secure configurations
  • user access controls
  • malware protection
  • patch management (i.e. applying software updates).

Other accreditations organisations may consider include ISO 27001 (an international standard for an Information Security Management System), the Payment Card Industry Data Security Standard (PCI DSS) and any National Institute of Standards and Technology (NIST) standards.

You can also access the government’s 10 Steps to Cyber Security guidance, which sets out a comprehensive risk management regime that both businesses and charities can follow to improve their cyber security standards.


Concerned about cyber-crime? Our suite can help

We are the provider of choice for cyber risk management and mitigation solutions, specialising in the needs of small businesses. We offer a suite of risk mitigation tools to make businesses aware of the risks they face before they cause significant damage. We also offer after-the-event insurance solutions to help your clients if they fall victim to a cyber-attack. Whether your clients are businesses or consumers, we have something in our kit bag that can help.
