Priya PatelTLDR:
- UK’s cyber resilience is stagnating, with more businesses and charities falling victim to cyber attacks.
- Improvements are needed in incident response and recovery plans, employee security awareness, and basic skills.
Three-quarters of medium and large enterprises in the UK, and four-fifths of high-income charities, have experienced cyber security incidents in the past year. However, overall cyber resilience seems to be stagnating, with economic challenges leading to reduced investment in security measures. The government is urging organizations to ramp up their cyber protections. While there have been improvements in cyber resilience since 2022, more robust safeguards are needed to address emerging cyber risks. Larger organizations are better equipped to maintain ongoing development of their cyber postures. In terms of incident prevalence, businesses and charities commonly face fraudulent emails, malware infections, and website hacking attempts. Financial costs of security incidents can be significant, with the mean cost for all businesses at £2,718. Despite some improvements, there is still a need for organizations, especially charities, to enhance their security measures, including attaining certifications and upgrading incident response plans.
