More than 43 percent of UK businesses have been hit by cyberattack over the last year including two-thirds of large businesses, the government has said.
The National Cyber Security Centre report said a “huge proportion” of organisations are failing to address primary cybersecurity measures, including updating their software and anti-malware products.
Ciaran Martin, CEO of the government’s National Cyber Security Centre, said: “Cyber attacks can inflict serious commercial damage and reputational harm, but most campaigns are not highly sophisticated.”
Phishing has been the most common method of cyber attack over the last 12 months, the report claimed, followed by instances of hackers posing as a company’s employees. “Companies can significantly reduce their chances of falling victim by following simple cybersecurity steps to remove fundamental weaknesses.”
The average cost of a cyber attack for large businesses was £9,260, with some outbreaks costing “significantly more”.
The government called on organisations to take cybersecurity more seriously, particularly with the General Data Protection Regulation’s (GDPR) impending enforcement date.
Information commissioner Elizabeth Denham said: “Data protection and cybersecurity go hand in hand – privacy depends on security.
“With the new data protection law, GDPR, taking effect in just a few weeks, it’s more important than ever that organisations focus on cybersecurity.
“We understand that there will be attempts to breach systems; we fully accept that cyber attacks are a criminal act, but we also believe organisations need to take steps to protect themselves against the criminals.
“I would encourage organisations to use the new regulations as an opportunity to focus on data protection and data security.”