Given the costs recognised in this survey (£737k) and the fact that when GDPR comes into force the associated costs are going to increase drastically, it is shocking that so many organisations are unprepared for cyber attacks.

It is true that no organisation can ever be 100% "safe," however, there are certain controls that can be implemented to prevent becoming a likely target.

The key is to not go into this swinging blindly. Developing a well structured vulnerability assessment can help not only identify existing gaps, but also provide a road map that organisations need to take to improve their security posture.