Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
View our privacy policy

The UK government’s Cyber Security Breaches Survey is an in-depth analysis of the cyber resilience of businesses, charities and educational institutions across the country.

The Cyber Security Breaches Survey helps to inform government policy on cyber security. As well as exploring processes and approaches to cyber security within a range of different organisations, the survey also looks at the varying types of cyber-attacks they face and their responses. In this blog post, we outline some of the main findings of the 2022 survey.


Cyber-attack frequency and impact

The survey reveals that, in the 12 months leading up to 31 March 2022, 39% of UK businesses experienced a cyber-attack. While this is consistent with previous surveys, the research highlights the fact that enhanced cyber security leads to more identification of attacks, so less cyber-mature organisations could be underreporting.

Of the organisations that reported cyber-attacks, 31% of businesses and 26% of charities estimate they were attacked at least once a week. One in five businesses and charities experienced a negative outcome as a direct consequence of a cyber-attack while one third of businesses and almost four in ten charities reported at least one negative impact.


The cost of attacks

The survey provides an average estimated cost of £4,200 of all cyber-attacks for each organisation. However, this rises to £19,400 per organisation when considering only medium and large businesses.


Types of attacks

Of the 39% of UK businesses that identified an attack, the most common threat vector was phishing (83%). Around one in five of these organisations identified a more sophisticated type of attack, such as a denial of service, malware or ransomware. Organisations identify ransomware as a major threat, with 56% of businesses having a policy to not pay ransoms.

These findings reflect those in the Kroll Q4 Threat Landscape Report, which discusses phishing and ransomware as a significant challenge, with phishing attacks remaining the most popular source of infection vector used by adversaries, and a spike in new actor-controlled ransomware sites and new ransomware variants being identified.


Limitations around incident management

The survey findings also highlight organisations’ limitations around incident management policy, with just 19% of businesses having a formal incident response plan. The survey also found that businesses take a reactive approach in response to breaches, with 84% of businesses saying they would inform the board, while 73% would make an assessment of the attack.


How Kroll can help

Kroll is a leading provider of end-to-end cybersecurity, digital forensics and breach response services – responding to over 3,000 security events every year. We are well-placed to help you detect and respond effectively to many types of incidents and enhance your organisation’s incident response procedures, with experts on hand 24/7 to provide assistance across the incident lifecycle.


Discover our Incident Response services