The UK Department for Digital, Culture, Media & Sport recently published a report to help businesses and charities understand the nature of the cyber security threats they face. Notably, the “Cyber Security Breaches Survey” found that cyber-attacks continue to evolve and are more frequent, with close to 50% of businesses and more than a quarter of charities reporting a security breach in the past year.

Although organizations that suffer a breach still incur substantial costs, the positive news is that they have become more resilient, with faster recovery times and fewer negative outcomes or impacts. This may be due, in part, to the increased involvement in board engagement, with eight in 10 businesses and three-quarters of charities stating that cyber security is a high priority for their senior management boards.

Nonetheless, each breach and eventual combo package results in our personally identifiable information circulating in underground markets as fresh material for threat actors to use. 

The report found that phishing attacks targeting businesses have jumped 14% since 2017. More than 80% of businesses and charities have received fraudulent emails in the last 12 months, and COVID-19 will surely exacerbate this problem. Organizations have a responsibility to educate their employees on cybersecurity, because human error – which is entirely preventable – is often times the cause of a breach.