Global survey finds that one in six businesses have experienced a cyber attack in the past year.

New research from Grant Thornton revealed that cyber attacks are taking a serious toll on business, with the total cost of attacks globally estimated to be at least US$315bn over the past 12 months.

The global survey of 2,500 business leaders in 35 economies, revealed that more than one in six businesses surveyed faced a cyber attack in the past year. With high-profile security breaches and hacks becoming more prevalent, nearly half of firms are putting themselves in the firing line with no comprehensive strategy to prevent digital crime.

Further analysis of the results reveals that the average cyber attack costs businesses 1.2% of revenues. But despite the clear risk, only just over of half of firms surveyed (52%) said they currently have a cyber security strategy in place.

Paul Jacobs, Global Leader of Cyber Security at Grant Thornton, said:

“Cyber attacks are an increasingly significant danger for business. Not just cost in a financial sense, but serious reputational damage can be inflicted if attacks undermine customer confidence: just ask Ashley Madison. Despite this, nearly half of firms still lack a strategy to deal with the cyber threat.”

Grant Thornton’s research reveals that the sector most concerned by the threat of a cyber attack is financial services (74% of business say it is a threat) – this is also the sector with the joint-highest recorded instances of cyber crime (26%). At the other end of the spectrum, only 10% of transport firms globally have reported a cyber attack in the past 12 months and just 27% perceive it as a threat.

Where businesses are implementing cybersecurity strategies, the number one driver cited is client/customer demand (44%). 42% of businesses have implemented a strategy because of an increased use of automation and other emerging technologies which could leave them exposed.

Paul Jacobs added:

“Many of the perpetrators of cyber attacks are sophisticated, heavily resourced criminal organisations. As the digitisation of business continues, it is vital that businesses take the cyber threat as seriously as the criminals attempting to attack them. Otherwise, cyber attacks will continue to escalate in frequency and scale.”

“Vigilance alone won’t keep businesses safe. Proactive measures are needed. This is an issue which needs to be on the agenda in boardrooms as well as IT departments. Management teams need to be driving cyber strategies which boost awareness of the threat among all staff, and of the policies and procedures in place to deal with the threat. Just as critically, clients and customers also need reassurance that effective controls are in place.”

Find out how to build a Human Firewall with Security Awareness Testing & Training >>