The number of UK business falling victim to cybercrime has doubled over the past five years, costing the economy an estimated tens of billions in the process, according to new research from Beaming.
The business ISP polled over 2500 companies between 2015 and 2019 to compile its latest report, Five Years in Cyber Security.
The percentage of respondents claiming to have fallen victim to cybercrime rose over that time period from 13% in 2015 to a quarter (25%) last year, equivalent to around 1.5 million businesses.
Although large firms with over 250 employees were the most likely to suffer attacks, with over 87% impacted last year, smaller businesses (11-50 employees) experienced the steepest rise, from 28% in 2015 to 68% last year.
Beaming estimated the total cost to UK firms over this five-year period to be in the region of £87bn, including damaged assets, financial penalties and lost productivity. A spokesperson told Infosecurity that it extrapolated the figure from an average cost calculated from interviews with business leaders.
Phishing was the most likely form of attack to successfully strike UK victim organizations, linked to a 50% increase in victims, with employees accountable for around a third of breaches (36%) in 2019.
Beaming managing director, Sonia Blizzard, argued that automated attack methodologies have helped cyber-criminals ramp up scale, frequency and sophistication.
“The threat has grown astronomically over the last five years. What used to be seen as a big-business problem has become a serious concern for every company director, manager and IT professional out there,” she added.
“Small businesses are now on the front line in the war against cybercrime, but they haven’t invested in cybersecurity or employee education at the same rate as their larger counterparts, and they are easier targets as a result.”
Although many small (20%), medium (24%) and large companies (36%) now discuss cyber-threats at board level, investments in security have not always been forthcoming.
In 2015, 30% of businesses had a firewall at the network perimeter; a figure that stands at just 37% today. Those with employee awareness-raising programs in place rose from 20% to just 22% over the same time, according to the report.