UK organizations were hit with on average 40% more targeted attacks than their European counterparts last year, but ended up paying far less, according to new research from Trend Micro.
The majority (64%) of the 500 European IT leaders polled by the cybersecurity giant said they believe that covert, targeted attacks had grown in volume over the past 12 months.
However, the average number of attacks against UK organizations (8.6) was significantly higher than that across Europe (6.2).
Over half of European (52%) and UK firms (53%) are concerned a targeted attack would have a serious impact on their organization.
However, most UK respondents said they had measures in place to mitigate such an attack. What’s more, the average estimated cost for a UK business is £172,000 compared to £243,000 for all Europe.
Trend Micro claimed this indicates that UK firms are better prepared for a serious attack than their European counterparts.
For example, over half of UK firms (51%) said a breach response plan was very important, versus just 38% across Europe.
The survey also revealed that almost no UK IT leaders believe targeted attacks are set to decrease in volume, with a majority now claiming they’re on the rise.
Tellingly the number who believe the problem of targeted attacks has been exaggerated dropped from 26% to just 7% last year – as IT decision-makers begin to realize this trend is more than just vendor hype.
Trend Micro vice president of research, Rik Ferguson, argued that organizations can still prepare better for targeted attacks
“A large number of businesses report having training and penetration testing measures in place, but relatively few are conducting cyber-readiness tests, or fire drills,” he claimed in a statement.
“Raising user awareness and probing your systems are both crucial components but they cannot be fully tested unless brought together in a live-fire exercise involving your employees.”
The findings echo those of a recent Gemalto study which claimed that the UK suffered the most data breaches in Europe in the first half of the year – 63 as opposed to just eight in second-placed Germany.
However, with no mandatory breach notification laws until their expected introduction with the EU General Data Protection Regulation, the true level of cyber-attacks and data breaches across the region remains a mystery.