Understanding Cyber Security Breaches: Insights from the Cyber Security Breaches Survey

By Parvinder Singh

Updated on

As someone who’s passionate, about cybersecurity and advocates for safety I am delighted to present a comprehensive analysis derived from the Cyber Security Breaches Survey 2023. This survey, which aligns with the National Cyber Strategy provides insights into the state of cyber resilience in the UK.

Horizontal bar chart showing the percentage of organizations complying with recognized standards and accreditations like Cyber Essentials or ISO 27001.
Horizontal bar chart showing the percentage of organizations complying with recognized standards and accreditations like Cyber Essentials or ISO 27001.

It sheds light on the policies, challenges and evolving landscape of cybersecurity across businesses, charities and educational institutions.

When it comes to seeking information or guidance on cybersecurity – many organizations are not fully embracing recognized standards and accreditations such as Cyber Essentials or ISO 27001.

This applies across the board although medium and large businesses tend to have awareness and compliance with these standards compared to entities.

Detection of Cyber Security Breaches and Attacks

Bar chart showing the percentage of businesses and charities experiencing breaches or attacks
Bar chart showing the percentage of businesses and charities experiencing breaches or attacks in the last 12 months for the years 2022 and 2023.


The survey reveals trends, in how cyber security breaches and attackers identified, with smaller organizations reporting them less frequently.

Notably 32% of businesses and 24% of charities recalled experiencing breaches or attacks within the year which shows a decrease compared to the year.

This decline, noticeable in organizations suggests a potential shift in priorities due to economic uncertainties.


Financial Impact of Breaches and Attacks

Clustered bar chart showing the average cost of the most disruptive breach for businesses and charities.
Clustered bar chart showing the average cost of the most disruptive breach for businesses and charities, with a separate bar for larger businesses.


Among organizations that identified breaches or attacks the survey estimates that the disruptive breach incurred a cost of approximately £1,100 for businesses and £530 for charities. However larger businesses faced costs averaging around £4,960. This difference highlights the consequences that cyber incidents have on entities of sizes within the UK.


Cyber Hygiene Practices

chart illustrating the adoption rates of different cyber hygiene measures over the past three years.
Pie chart illustrating the adoption rates of different cyber hygiene measures over the past three years.


While many businesses and charities adopt cyber hygiene measures the survey indicates declines in areas over the past three years.

Specifically there has been a decrease among businesses ( micro and small entities) in terms of implementing password policies using network firewalls restricting administrative rights and promptly installing software security updates within 14 days.


Risk Management and Supply Chains

Stacked bar chart comparing the proportion of businesses and charities undertaking cyber risk management practices.
Stacked bar chart comparing the proportion of businesses and charities undertaking cyber risk management practices.


The survey reveals differences in risk management practices between businesses and charities, with larger businesses demonstrating approaches.

Interestingly a larger percentage of companies conduct evaluations of cyber security risks monitor their security measures and have cyber insurance in place. This trend is particularly noticeable, among large businesses.

Board Engagement and Corporate Governance

 Radar chart depicting the presence of board members specifically responsible for cybersecurity across different organization sizes.
Radar chart depicting the presence of board members specifically responsible for cybersecurity across different organization sizes.


Regarding board engagement and corporate governance there is a diversity, in cybersecurity strategies. Larger organizations tend to adopt approaches to ensure effective security measures.

Notably, a substantial number of medium and large businesses have board members specifically responsible for cybersecurity, reflecting a higher awareness and commitment to cyber resilience at the management level.

Incident Response and Cyber Crime

Horizontal bar chart showing the percentage of organizations complying with recognized standards and accreditations like Cyber Essentials or ISO 27001.
Horizontal bar chart showing the percentage of organizations complying with recognized standards and accreditations like Cyber Essentials or ISO 27001.

The survey reveals that formal incident response plans are not widely implemented across organizations despite their intentions to take actions after an incident occurs.

This highlights a gap in aligning IT teams with staff members. Emphasizes the need for improved communication strategies and incident response protocols.

Conclusion

In conclusion the Cyber Security Breaches Survey 2023 areas where cybersecurity practices can be improved across organizations of sizes.

While larger entities demonstrate strategies in this regard smaller organizations face challenges when it comes to prioritizing cyber resilience due to economic concerns.

Bridging these gaps enhancing incident response plans and encouraging compliance with recognized standards are steps, toward creating a secure cyberspace.


My goal, in sharing these findings from the Cyber Security Breaches Survey 2023 is to provide information and empower readers to comprehend the common cybersecurity obstacles. I also encourage taking steps to strengthen defences.

Tags:

You might also like these Guides