At first glance it is good to see a decline in the percentage of UK businesses who said their data was breached or attacked. However, this one statistic should not be used as a reason not to take the threat seriously and may not tell the entire story!
The survey also revealed that those who had been attacked had been attacked with more frequency and there was also clustering around certain industries - for example information/communication firms. It could also be a sign that although the total number of attacks has reduced, those that do persist are more targeted and measured - as opposed to a "hit and hope" approach.
Digging deeper, the most common form of attack was phishing - where 80% of those breached were targeted through fraudulent emails and/or websites. And although technological measures can help protect against these attacks, it once again goes to show that human-measures are vital: educating and building awareness amongst users can go a long way in helping protect a business and should never be overlooked.
Regardless of size, sector or historic attacks, companies need to maintain vigilance and continue to improve in cyber defenses - meaning human as well as technological measures.
On April 3, the U.K. Department for Digital, Culture, Media and Sport published the Cyber Security Breaches Survey. Only 32% of U.K. businesses contacted for the survey said their data was breached or attacked, a decrease from 2018’s 43%. While that 11% decline might seem like a congratulatory statistic, it may underscore a trend of a smaller group of companies being successfully—and more frequently—targeted with cyberattacks.