Experts say shocking level of cybersecurity breaches in new government report “are avoidable”

IT experts have responded to the latest government figures on cybersecurity released today, praising UK businesses for greater investment in infrastructure and tools but warning that firms must engage every member of staff in order to mitigate threats.

The Cyber Security Breaches Survey 2024 has revealed that half of all UK businesses were subjected to a cybersecurity breach or attack in the past 12 months.

Phishing was by far the most common type of attack, affecting 84% of businesses and 83% of charities.

Linten Technologies, a leading IT and cybersecurity firm, says the data from the latest survey does not come as a surprise.

Steven Allan, CEO at Linten, commented: “Our experience supports the government figures that businesses are investing more in malware protection, firewalls, multi factor authentication, and business systems and processes. Yet we believe many of those cyberattacks reported are avoidable.

“Many firms are missing one of the most important factors in cybersecurity – their staff.

“As well as creating the right infrastructure and investing in tools, a robust cybersecurity plan needs to engage, educate and empower the whole business, at all levels. This will significantly reduce the risk of a breach.”

Steven Allan also said that the data from the latest survey does not come as a surprise, adding: “Our experience of working with hundreds of firms of all sizes and in all sectors is that awareness of the nature of cyber threats remains low, so preparing to counter them is a major challenge.

“Too many small to medium size firms fail to take appropriate preventative action, for a variety of reasons; limited resources, often no dedicated IT staff, lack of awareness, and perception of low risk amongst them.”

Over the last 12 months, the new data suggests that cyber criminals are targeting bigger companies, with 74% of large firms subject to an attack, while the figure for medium size firms was 70%.

Allan concludes, “This is not an issue that is exclusive to big businesses, however figures and our experience suggests that the bigger you are as a company, the greater the risk of cyber criminals targeting you.

“The important lesson here is that, despite more investment in tools the number of breaches and attacks remains very high.”

Compared to 2023, the government report suggests that firms are investing more in all areas of cybersecurity, which could be due to an improved economic environment but could also be the result of a perceived higher threat level.

Yet the report also highlights that there has been a fall in the proportion of businesses seeking information or guidance on cyber security from outside their organisation, part of a steady decrease since 2018 and 2019.

Allan added: “The threat landscape is evolving very rapidly, and many small to mid-size firms are simply unable to react sufficiently quickly or with the right tools. Outsourcing to cybersecurity experts is an obvious and cost-effective approach.

“Many firms simply can’t afford to have any downtime. However, with careful planning and the right partner, this can be achieved without business interruption. Over the past 20 years, we’ve helped protect hundreds of companies against cybersecurity threats, by proactively monitoring and responding.”