Train your staff to spot the signs

16 April 2019

Businesses and charities can still do more to prevent cyber-attacks


The good news is that according to Action Fraud, the number of reported cyber breaches and attacks on businesses has dropped within the past year.

The bad news is that the average cost of cyber-attacks has now risen.

The 2019 Cyber Security Breaches Survey, a Government-led survey detailing business and charity action on cyber security and the costs and impacts of cyber breaches and attacks, shows that 32% of businesses identified a cyber security attack in the last 12 months - down from 43% the previous year.

The reduction is believed to be partly due to the introduction of tough new data laws under the Data Protection Act and the General Data Protection Regulations (GDPR). According to the survey, 30% of businesses and 36% of charities have made changes to their cyber security policies and processes as a result of GDPR coming into force in May 2018.

However, according to the survey, where a breach has resulted in a loss of data or assets, the average cost of a cyber-attack on a business has gone up by more than £1,000 since 2018.

The most common breaches or attacks in the past year have been phishing emails, followed by instances of others impersonating their organisation online, viruses or other malware including ransomware.

According to Action Fraud, less than three in ten companies have trained staff to deal with cyber threats, so there’s still more businesses can do to protect themselves from cyber crime.

Human error remains one of the weakest links in making cyber-attacks and data breaches possible. In a previous report by, human errors were cited as a major factor in most data breaches, exposing organisations to cyber threats through three main types of risks: human error, ignorance and intentional harm.  

Employees remain the first line of defence and educating them regularly about potential cyber-attacks is vital. A culture that encourages and supports employees in being open (and fast to act) when they have made a mistake is essential.

Following this recent Government Survey, small businesses and charities are being urged to take further action. The National Cyber Security Centre (NCSC) lists  Ten Steps to Cyber Security, which provides a free and comprehensive approach to managing cyber risks. Implementation of the 10 Steps will help organisations reduce the likelihood and cost of a cyber-attack or cyber-related data breach.


Contact us for more information

<< Back to Latest News items