The state of cyber resilience at the close of 2021

13th January 2022


The pandemic forced UK organisations across several industries to adopt remote working in order to enforce social distancing measures—forcing several organisations to accelerate their digital transformation.

At the same time, financial and political instability created a volatile environment that spurred cybercriminals on to become bolder in their cyberattacks.

How has cybersecurity fared during the past few years?

Cyberattacks surged over fivefold as a result of the pandemic.

The UK's largest organisations suffered, on average, 885 cyberattacks in a single year; more than triple the global average of 270.

Furthermore, the cost of cybercrime has grown to over £1.3 million a year—£350,000 more than the global average.

With companies forced to make an overnight transition to digital working, company systems are not as stable as they should be.

A successful data breach also does more damage and puts data at significant risk, with over half of UK organisations reporting that they lost over 100,000 customer records in a year.

Business executives have, however, taken action to curtail the rising number of cyberattacks.

UK executives have increased cybersecurity budgets by at least 10% to tackle growing threats and protect their data by bolstering cyber defences in the face of bolder, more aggressive cybercriminals.

Thanks to larger cybersecurity budgets, UK organisations have reduced the number of successful breaches from 30 to 17 a year. Organisations have also improved cyber incident response rates, with over 90% of organisations taking less than 30 days to remediate an attack.

What security concerns do organisations face in the future?

Despite the progress made last year, there are concerns that must be addressed. Over 80% of organisations say the cost of staying ahead of cybercriminals is unsustainable, an increase from the previous year where only a fifth of businesses made this statement.

If organisations are to make cyber defence sustainable, they need to devise more cost-effective means of staying ahead of cybercriminals.

Businesses must also expand their cyber defences to a wider ecosystem and secure their data because indirect cyberattacks through the supply chain accounted for 64% of cyber breaches in recent years.

The pressure to devise more cost-effective means to stay updated on cyberattacks and monitor the supply chain more closely indicates the importance of better cybersecurity and supply chain security technology to reduce cyberattacks and data breaches.