07 March 2025
The Cyber Security Breaches Survey is a key UK government report, helping know how well businesses and charities are at protecting themselves online. It looks at the type of cyber threats organisations face and what steps they need to take to stay safe. By collecting such information, the UK government becomes better at national cyber security, offering better support to organisations.
The 2024 survey takes a closer look at cybercrime and fraud that are linked to security breaches. Researchers asked many questions to help get a clear picture, and had in-depth discussions with some of them. This finding highlights where businesses are progressing, including the areas where they need support. Let us see how, by understanding these risks, businesses, charities, and the government can work together to strengthen cyber security across the UK.
Most businesses (75%) and over half of charities (63%) consider online security a major concern, especially among top leaders. While businesses increasingly prioritise cybersecurity, industries like finance and technology see it as vital for growth.
Sectors like hotels and food services are now more attentive, whereas farming remains less focused. Nationwide, businesses are refocusing after a slight dip in attention, while charities maintain their commitment. Despite budget constraints, many invest in cybersecurity, though smaller charities struggle to match the same level of investment.
Despite all this, cyber security incidents and attacks continue to pose major risks. According to the Official Statistics Cyber Security Breaches Survey 2024 ,50% of businesses and 32% of charities encountered a cyber breach or attack in the past year. The prevalence is higher among medium-sized businesses (70%), large businesses (74%), and charities with an annual income of £500,000 or more (66%).
Talking about phishing remains the most prevalent type of cyber attack, affecting 84% of businesses and 83% of charities. Other common threats include impersonation attempts via email or online (35% of businesses and 37% of charities) and malware infections, including viruses (17% of businesses and 14% of charities).
This year, modifications were made to the question measuring overall cyber attack and breach occurrences. Because of that, direct comparisons between data from 2023 and 2024 are not possible.
Businesses update senior managers on cyber security more frequently than charities, though charities, especially higher-income ones, are improving. Around 1 in 3 businesses and charities have a board member overseeing security.
Sectors like banking, legal firms, healthcare, and government face growing digital threats, with public sector security becoming increasingly challenging. Larger businesses and certain industries now have dedicated board members for cyber security, and charities are following suit.
When top executives engage, cyber security teams receive better support. However, some board members neglect this due to a lack of understanding, time constraints, or underestimating the risk.
Approximately 4 in 10 businesses and charities look for outside help or information about cyber security. Fewer businesses are doing this now, especially if we look at the earlier data. Organisations and charities, particularly the smaller ones, are less likely to seek this kind of help.
Most organisations rely on computer security companies, IT consultants, and online searches for cyber security information, with few referring to official government sources. To learn more, check out our blog on the Role of Cyber Security.
Upon reviewing the survey, one can notice the increasing prioritisation of cyber security, particularly among larger businesses and high-income charities. Still, though there are many areas where progress has stalled. Ensuring that organisations, especially smaller businesses and charities, get the required help and guidance remains a key focus.
These trends suggest progress in identifying cyber and related risks but also indicate the different challenges. In particular, they struggle with consistent prioritisation, effective dissemination of advice, and being over-relied on paid external IT support.
Cyber security breaches survey of 2024 highlights progress as well as ongoing challenges. While many understand the importance of online protection, the level of focus and investment varies greatly across different sectors and organisation sizes. Larger industries such as technology and finance are increasingly working on cyber security, while smaller organisations and charities like farming still lag behind. Therefore, with continued focus and accessibility, relevant guidance is crucial for strengthening cyber resilience across the UK.
As the world is about to enter the year 2025, Cybersecurity continues to be a significant worry for both businesses…
READ MORE
Businesses nowadays need to identify early signs of a security breach as cyber threats are evolving rapidly. Breach is caused…
READ MORE
Cybersecurity challenges have now become a daily concern. With phishing attacks on the rise, one particularly dangerous tactic, known as…
READ MORE
IT infrastructure plays a key role in the current business environment. However, not every organisation has access to the same…
READ MORE
