The prevalence and severity of cyber-attacks/breaches has damningly increased over the last few years. This year alone (2019), 55% of UK firms have already faced a cyber-attack and losses from breaches have accounted to a shocking £176,000 on average, according to statistics from insurance provider Hiscox.
Just in November 2019, one of the most prolific targets was the Labour Party – where hackers deployed two large-scale cyber-attacks across the political parties’ digital platforms.
Interested in how serious businesses are about cyber security, Specops Software analysed the latest findings from Gov.uk to see how much 1,091 UK firms from a range of sectors have invested in cyber security during 2018-19.
Additionally, 2018-19 cyber security investment figures where compared to 2017-18 (April 2017 – March 2018), to see if year-on-year cyber security investment had increased or decreased for each of the reviewed sectors.
Specops Software found that finance and insurance firms have invested the most on cyber security, at a significant £22,050. This represents an increase of 23% from the previous year (2017-18), where finance and insurance companies were spending £17,900 on average.
Thereafter, firms in health/social care/social work invested the second highest amount on cyber security at £16,800. From the considered sectors, it marked the biggest rise (an astronomical 506%) in cyber security spending when compared to the year before (2017-18) – where the average outlay was only £2,770.
Contrastingly, businesses in the food and hospitality industry invested the least financially, at an average of just £1,080. Despite the low sum, it was still an increase of 20% from 2017-18 – when firms within the sectors were spending £900.
Investing slightly more than the food/hospitality sector, entertainment/service/membership firms splashed out an average of £1,940 on cyber security in 2018-19. An astounding surge of 152% in contrast to 2017-18 – where cyber security investment was a mere £770.
Specops Software’s top three tips for effectively maintaining high cyber security standards
Review IT Estate
Carry out a regular assessment of IT systems to identify any vulnerabilities that maybe targeted and exposed by opportunistic cyber-criminals.
Education and Governance
Create a formal document which establishes the firm’s best practices and policies on cyber security. Within this, give employees clear guidance on what they can and cannot do on the company’s IT devices/systems/networks.
Safeguard and Protect
Keep anti-virus software up-to-date, apply the latest security patches and periodically change passwords across IT estate.