Cyber Security Breaches Survey 2020

Cyber Breaches Survey

Published
27/03/2020

The Government has surveyed UK businesses and charities to find out they approach cyber security and help them learn more about the cyber security issues faced by industry. The research informs Government policy on cyber security and how Government works with industry to make Britain one of the most secure places to do business online. This year’s report also surveyed the education sector for the first time, and analysis of this is published on an experimental basis as an annex to the main report.

Respondents were asked about their approach to cyber security and any breaches or attacks over the 12 months before the interview. Main survey interviews took place between October and December 2019. Qualitative follow up interviews took place in January and February 2020.

Some of the key findings are:

  • Almost half of businesses (46%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months.
  • Attacks are becoming more frequent. Among those that identify breaches or attacks, more are experiencing these issues at least once a week in 2020 (32%, vs. 22% in 2017).
  • There has been a rise in businesses experiencing phishing attacks (from 72% to 86%), and a fall in viruses or other malware (from 33% to 16%).
  • Organisations have become more resilient to breaches and attacks over time. They are less likely to report negative outcomes or impacts from breaches, and more likely to make a faster recovery.
  • There is growing board engagement in cyber security and increased action.
  • Identification and management of cyber risks has improved over the recent years of the survey, across a range of areas.
  • Organisations appear to have maintained the technical controls and governance processes they introduced for the General Data Protection Regulation (GDPR) (which were detailed in last year’s survey.)
  • There is still more progress organisations could make on a range of diverse areas such as audits, cyber insurance, supplier risks and breach reporting.

Survey trends can be found below or read the full report.

Read the full report