New research has revealed that cybercrime has cost UK businesses over £30.5 billion in 2023, with more than a quarter of all firms across the country impacted by attacks. The study, conducted by internet service provider Beaming, found that small businesses were hit the hardest, experiencing a 42% increase in the number of breaches since 2019, along with a four-fold rise in the costs of cybercrime.
The total cost of cyber security breaches in 2023 was 138% higher than in 2019, reaching an alarming £30.5 billion. On average, the cost of an incident, including expenses for replacing IT assets, recovering data, and financial penalties, amounted to £5,500.
Sonia Blizzard, the managing director at Beaming, expressed concern over the increasing vulnerability of small and medium-sized enterprises (SMEs) to cybercrime. She pointed out that while large businesses are proving more resilient to cyber attacks, the cost of being breached is soaring and SMEs are being hit harder than ever before.
The research also identified the geographical areas most affected by cybercrime, with Wales, Yorkshire and the Humber, and the South West of England showing the highest rates of attacks. In London, the financial impact of cyber incidents was the highest, with firms losing a total of £7.1 billion.
According to the study, the manufacturing and finance sectors were the most frequently affected by cybercrime, with more than 85% of businesses in these industries experiencing breaches last year. Phishing was identified as the most common type of attack, with approximately 679,000 businesses falling victim to it in 2023. Additionally, malware claimed around 426,000 victims, costing almost £2.6 billion.
The research also highlighted a concerning rise in social engineering attacks, which increased from 2% to 7%, as well as a rise in ransomware and DDoS attacks. Furthermore, 412,000 businesses lost sensitive information or suffered other cyber security issues due to employees or contractors, costing an estimated £1.6 billion in 2023.
In addition to the financial impact, the study also examined the emotional cost of cybercrime, finding that virtually all business leaders suffered some form of emotional distress following an attack. Four-in-ten business leaders expressed concern about losing customers as a result of the breach.
Despite the challenges posed by cybercrime, the study revealed that businesses of all sizes have increased their investments in cyber security, with most now providing training in this area. The adoption of sophisticated tools, such as network perimeter firewalls, site-to-site VPN technology, and unified threat management devices, has also accelerated.
Blizzard emphasized the importance of maintaining investment in cyber security training, stating that while businesses are investing in training and technology, they are still under sustained attack. As technology continues to play a pivotal role in business growth, the investment in cyber security training needs to be sustained in order to mitigate the risks posed by cyber threats.
In light of the significant financial and emotional impact of cybercrime, it is evident that businesses must remain vigilant and continue to invest in robust cyber security measures to safeguard their operations and data. As cyber threats continue to evolve and grow in sophistication, proactive and comprehensive cyber security strategies are essential for businesses to protect themselves from the devastating impact of cybercrime.