Half of U.K. Businesses Experienced a Security Breach or Cyber Attack in the Last 12 Months

Infostealer Malware Within CyberattacksAnalysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it.

The U.K. Government just released their Cyber Security Breaches Survey 2024 where they asked U.K. businesses and charities about their experiences with cyber attacks and breaches, their preparedness plans, response plans and the impacts of the attacks.

According to the survey results, half (50%) of all U.K. businesses and one-third (32%) of charities experienced cyber attacks or security breaches in the last year.  And when you break down the proliferation of attacks, it’s 70% of mid-sized businesses and 74% of enterprise businesses.

In general, cybersecurity is pretty high on the priority list; 75% of businesses say it’s a high priority for them. And yet, only 22% of businesses have formal incident response plans in place. Only 33% say they use security tools designed for monitoring, 17% have done penetration testing and 10% have invested in threat intelligence.

What’s interesting is the top two attack/breach types in the report:

  • 84% of businesses experienced phishing attacks
  • 35% of businesses experienced impersonation of their own staff or organization online or in emails

And it’s these same two that are also considered the “most disruptive.” You’d think businesses would be focused on security measures specifically designed to stop the attacks they experience the most and see the greatest impact from.

And yet, only 18% have run some form of staff training (presumably security awareness training of some kind) as well as phishing testing against users. Both of the top attack/breach types have to do with users being fooled into engaging with a threat actor, or their malicious links and attachments.

If U.K. businesses want to see improvement, they’re going to need to take a look at where they’re weakest and shore up their security in those areas — in this case, their users.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews