top of page
Writer's pictureGiles Lindsay

Key Insights and Review of the Cyber Security Breaches Survey 2024

Cyber security concept in digital art
Cyber security concept in digital art

Foreword

The Cybersecurity Breaches Survey 2024 was released in April, and I’m not sure how many of my network members have encountered it yet. With cybersecurity being such a pressing issue for all organisations, I thought sharing a short survey review would be useful. The findings offer a valuable look into the current state of cyber threats and the protective measures in place across various sectors. Here's a breakdown of the key insights and what they mean for businesses and charities alike.


Introduction

Cybersecurity stands as a critical concern for all organisations. The Cyber Security Breaches Survey 2024 sheds light on the current state of cyber threats and the measures organisations are taking to protect themselves. This article reviews the key points from the survey, providing a comprehensive look at the findings and implications for businesses and charities.


Overview

The survey, conducted by the Department for Science, Innovation, and Technology alongside the Home Office, examines the frequency and nature of cyber attacks, their impact on different sectors, and the measures organisations have in place to defend against these threats.


Purpose and Scope

The main goal is to understand how often cyber attacks occur, the types of attacks, and how prepared organisations are to mitigate these risks. The report covers various entities, from micro to large businesses and charities, offering a detailed picture of the cybersecurity landscape.


Methodology

Data collection involved 2,000 UK businesses and 456 charities. The survey used qualitative and quantitative methods to analyse cybersecurity's current state comprehensively.


General Statistics

In the past year, half of UK businesses and nearly a third of charities reported experiencing cyber breaches or attacks. Phishing is the most common type of attack, affecting 84% of businesses and 83% of charities.


Specific Incidents and Attacks

Other prevalent incidents besides phishing include email impersonation, which impacted 35% of businesses and 37% of charities. Malware attacks affected 17% of businesses and 14% of charities, while ransomware incidents were reported by 6% of businesses and 3% of charities.


Impact on Different Sectors

Different sectors experience varying levels of impact from cyber attacks, with larger businesses more susceptible than smaller ones and charities.


Businesses

Businesses face distinct challenges based on their size, with larger enterprises generally having more complex and higher-risk profiles.


Micro Businesses

Nearly half of micro businesses (47%) reported breaches. Limited resources often hinder their ability to implement comprehensive cybersecurity measures.


Small Businesses

More than half of small businesses (58%) experienced attacks, underscoring the vulnerability of even smaller enterprises.


Medium Businesses

Medium-sized businesses reported a higher incidence of breaches (70%), highlighting the need for robust cybersecurity strategies.


Large Businesses

The highest rate of breaches was found among large businesses (74%), reflecting their larger digital footprints and more complex IT infrastructures.


Charities

About a third of charities (32%) reported cyber incidents, which can be particularly damaging given their typically limited resources and the sensitive nature of their work.


Cyber Security Measures in Place

Organisations deploy various measures to combat cyber threats, with varying levels of effectiveness.


Common Practices

The most common measures include up-to-date malware protection (83%), firewalls (75%), and strong password policies (72%). These form the basic defence against cyber threats.


Advanced Measures

Less common but crucial measures include two-factor authentication (39%) and VPNs for remote access (32%). These advanced practices enhance security significantly.


Challenges in Cybersecurity

Organisations face several challenges in maintaining robust cybersecurity despite the measures in place.


Human Factors

Human error remains a critical vulnerability, particularly with phishing attacks that exploit this weakness. Training and awareness programs are essential to reduce this risk.


Technological Gaps

Many organisations, especially smaller ones, struggle to keep pace with evolving cyber threats due to limited technological resources.


Recommendations for Improvement

The survey offers several recommendations to enhance cybersecurity across different sectors.


Enhancing Training and Awareness

Regular training and awareness programs can help employees recognise and respond more effectively to cyber threats, reducing the risk of human error.


Investing in Advanced Technologies

Organisations should invest in advanced cybersecurity technologies, such as AI-driven threat detection and response systems, to stay ahead of cybercriminals.


Strengthening Policies and Procedures

Developing and enforcing robust cybersecurity policies and procedures is crucial for maintaining a strong security posture. This includes regular audits and updates to security protocols.


Conclusion

The Cyber Security Breaches Survey 2024 highlights ongoing challenges and the evolving nature of cyber threats. Continuous improvement in cybersecurity measures is essential and tailored to the specific needs of different sectors. Addressing human factors and technological gaps and strengthening policies will help organisations better protect themselves against cyber threats.


FAQs

Q1: What is the most common type of cyber attack reported in the survey?

Phishing attacks are the most common, affecting 84% of businesses and 83% of charities.


Q2: How do cyber attack impacts differ between businesses and charities?

Businesses report more financial losses, whereas charities face greater operational disruptions.


Q3: What measures are most commonly implemented by organisations to combat cyber threats?

Up-to-date malware protection, firewalls, and strong password policies are the most common measures.


Q4: Why do larger businesses report more cyber breaches?

Larger businesses have more complex IT setups and higher exposure, making them more attractive targets for cybercriminals.


Q5: What are some advanced cybersecurity measures recommended by the survey?

Advanced measures include two-factor authentication, VPNs for remote access, and AI-driven threat detection systems.


About the Author

Giles Lindsay is a technology executive, business agility coach, and CEO of Agile Delta Consulting Limited. Renowned for his award-winning expertise, Giles was recently honoured in the prestigious "World 100 CIO/CTO 2024" listing by Marlow Business School. He has a proven track record in driving digital transformation and technological leadership, adeptly scaling high-performing delivery teams across various industries, from nimble startups to leading enterprises. His roles, from CTO or CIO to visionary change agent, have always centred on defining overarching technology strategies and aligning them with organisational objectives.


Giles is a Fellow of the Chartered Management Institute (FCMI), the BCS, The Chartered Institute for IT (FBCS), and The Institution of Analysts & Programmers (FIAP). His leadership across the UK and global technology companies has consistently fostered innovation, growth, and adept stakeholder management. With a unique ability to demystify intricate technical concepts, he’s enabled better ways of working across organisations.


Giles’ commitment extends to the literary realm with his book: “Clearly Agile: A Leadership Guide to Business Agility”. This comprehensive guide focuses on embracing Agile principles to effect transformative change in organisations. An ardent advocate for continuous improvement and innovation, Giles is unwaveringly dedicated to creating a business world that prioritises value, inclusivity, and societal advancement.


5 views0 comments

Recent Posts

See All

Commentaires


bottom of page