The government has called on businesses and charities to beef up their cyber security defences after new figures revealed the financial cost of breaches has shot up.
A survey published by the Department for Digital, Culture, Media and Sport (DCMS) revealed the percentage of businesses suffering attacks has dropped to 32 per cent, down from 43 per cent last year.
The DCMS said the reduction in businesses affected was partly due to new GDPR laws, which have forced businesses to make changes to their cyber security policies.
But those businesses that have fallen victim to breaches are now experiencing more of them, while the financial costs linked to the attacks has increased.
The average costs to businesses that have lost data or assets through cyber attacks was £4,180 in 2019, higher than the £3,160 reported last year.
Digital minister Margot James said: “Following the introduction of new data protection laws in the UK it’s encouraging to see that business and charity leaders are taking cyber security more seriously than ever before.
“However, with less than three in ten of those companies having trained staff to deal with cyber threats, there’s still a long way to go to make sure that organisations are better protected.”
The most common attacks reported by businesses were phishing emails, which trick people into giving away personal details. Companies also reported instances of people impersonating their organisation online, as well as other viruses or malware.
The figures come after it emerged Iranian hackers launched a major campaign of cyber attacks on key parts of UK infrastructure, as well as private sector firms.
The mobile phone numbers of at least 10 MPs and peers, as well as Post Office boss Paula Vennells, are thought to have been stolen in the attacks on 23 December last year, Sky News reported.
Josh Hardie, deputy director general of the Confederation of British lndustry (CBI), said: “There’s been a real shift amongst businesses when it comes to cyber security – it’s clear to see that it’s now a top priority with concrete action being taken.
“But businesses can’t be complacent. The widespread attack to both public and charities sector entities underlines the importance of having robust cyber incident response plans.”