The National Cyber Security Index (NCSI) website ranks the United Kingdom 22nd in the world according to its preparedness against cyber attacks. But what does this mean in reality? We compared the UK statistics, citizens' reports, and live data from different sources in order to get a realistic picture of cybersecurity in the UK.
So, is the UK a safe place to manage your business and personal affairs online? Let's find out!
Cybersecurity and cybercrime in the UK – the latest statistics, data, and facts
Cybercrime is on the rise in every corner of the world, including the UK. Let's see what the numbers and facts tell us about online security in the UK.
1. 72% of large organizations and 36% of small firms experienced cyber attacks in the UK in early 2024
The Cyber Security Breaches Survey, a research study by GOV.UK, deals with cyber attacks that organizations in the UK face and ways in which they are impacted and respond. Its findings from the beginning of 2024 show that over two-thirds (72%) of large organizations and over one-third (36%) of small firms have identified breaches in the previous 12 months. Charities are not exempt from cyber attacks either, with around 30% suffering a breach or intrusion.
2. Almost half of the businesses in the UK identified a breach in 2020
During the peak months of the COVID-19 pandemic, corporate security breaches in the UK also peaked. The year 2020 left individuals and businesses particularly vulnerable to cyber attacks because of the many logistical adaptations and organizational changes introduced at short notice. That same year, 46% of organizations identified a breach or attack on their systems.
From 2021 onwards, however, awareness started to rise, and organizations appear to have adjusted to the new circumstances and dangers. The proportion of organizations affected has remained steady since, at approximately 39%.
3. Phishing attacks are the main attack vector
As many as 83% of UK organizations that encountered a breach identified phishing as the attack type. "Other impersonating attacks" were the second most common category, accounting for 27% of breaches, and "viruses, spyware, or malware" came third (12% of all breaches).
Phishing and other impersonating attacks are also the categories of breach that respondents to the Cyber Security Breaches Survey find the most disruptive: together, these two categories account for 50% of the responses.
4. UK companies spend 23.1% of their IT budget on cybersecurity
We used the Hiscox interactive tool to load the latest results on UK companies' cybersecurity expenditure. According to the tool, businesses in the UK have significantly increased the portion of their IT budget allocated to cybersecurity, with spending rising from 14.88 million in 2021 to 24.71 million in 2024. Expressed as a share of the IT budget, UK firms currently invest 23.1% in securing their businesses.
According to a CyberEdge report, however, the figures are significantly smaller. The average share of the IT budget allocated to cybersecurity ranges from 10.7% in France to 15.6% in Brazil, and UK firms sit near the bottom of the list, spending just over 11% of their IT budgets on cybersecurity solutions (11.3%, to be precise).
5. The average cost of a data breach in the UK is $5.05 million in 2024
The United States has the highest average total cost of a data breach ($9.44 million) for the 12th consecutive year. Although the average cost of a data breach in the UK is almost half that, at $5.05 million, the UK has still made the top five countries with the costliest data breaches. The remaining three countries/regions on the list are:
- The Middle East, in second place, with $7.46 million
- Canada, in third place, with $5.64 million
- Germany, with $4.85 million in data breach losses, made it to fifth place on the list
6. Malicious attacks cause 52% of UK breaches
The Cost of a Data Breach Report 2020 by IBM investigated the principal causes of data breaches across different countries and found that 52% of breaches in the UK were the result of a malicious attack. System glitches caused 23% of breaches, while the remaining 25% were down to human error. The percentages were fairly consistent across the other countries in the study, with the Middle East at one end of the range (59% malicious attacks) and Canada at the other (42%).
7. 86% of data breaches are motivated by financial gain
A Verizon study from 2020 covering many countries, including the UK, revealed that the great majority of data breaches (86%) were financially motivated. Other prevailing motives were espionage, ideology, and so-called "secondary motivators" such as the theft of intellectual property or trade secrets.
If you look at most of the news that's out there, you see state actors, espionage, trade secrets, but most of these breaches are people wanting to steal money from you.
8. It takes 181 days for companies in the UK to identify a data breach, and another 75 days to contain it
While the global average in 2020 was around 207 days to identify a data breach, plus another 73 days to contain it, UK organizations moved slightly faster: they needed 181 days on average to discover a breach and a further 75 days to contain it, a total breach lifecycle of 256 days. Measured by that total lifecycle, the UK was the fifth fastest country in the study. The countries that were faster were Germany (160 days), Canada (226 days), South Africa (228 days), and the US (237 days).
The latest IBM study from 2024 shows that the global average time to identify and contain a data breach has dropped to 277 days. It still takes 207 days on average for companies worldwide to identify a breach, but containment is a little quicker at 70 days. The study does not, however, break out the latest figures for the UK.
9. UK cybersecurity industry has over 56,000 employees
Cyber Security Sectoral Analysis 2024 by Ipsos brings us the latest updates from the UK cybersecurity sector. In February 2024, the UK’s cybersecurity industry employed 6,000 new people, on top of the existing 50,000 work positions in the sector. This represents a 12% rise compared to a year before. The revenue of the cybersecurity firms in the UK also increased by 14% to £10.1 billion.
10. There were over 380,000 reports of fraud and cybercrime in the UK over the last 13 months
If you're interested in live cybercrime numbers for the UK, you can find them on the NFIB Fraud and Cyber Crime Dashboard, which is updated every few minutes. As of October 2024, it showed 389,021 reported incidents in total across the UK. Broken down by who reported them, the dashboard listed 382,776 reports from individuals and 41,693 from organizations.
11. Over £4 billion in losses were reported between September 2021 and September 2024
The NFIB Fraud and Cyber Crime Dashboard also shows the latest losses reported across the UK. According to it, reported losses from fraud and cybercrime exceeded £4 billion between September 2021 and September 2024. Online shopping and auction fraud accounted for a large share of these reports, over 75,400 of them.
12. 19% of organizations have invested in additional staff training after their most disruptive breach
UK organizations approach the prevention of future breaches or attacks in different ways. The most common breach-prevention action taken in 2024 was the additional training of the staff or communications, with 19% of businesses and 24% of charities taking this approach.
Approximately 9% of organizations installed, changed, or updated antivirus or anti-malware software, another 9% changed or updated firewall or system configurations, and 7% decided that the best prevention was being more careful with email, including blocking or filtering mail.
13. Nearly half of employees in the UK use personal devices for work
The Cyber Security Breaches Survey shows that over 45% of businesses in the UK allow their employees to use personal devices, such as non-work laptops, for work-related activities. This practice is known as "bring your own device", or BYOD.
The percentages are even higher with charities. Namely, nearly two-thirds of charities, or 64%, say this is common in their organizations. Entertainment, service, and membership organizations often practice BYOD too, as well as small firms with lower budgets for IT equipment or without their own office space.
14. 82% of businesses see cybersecurity as a very high or fairly high priority
The above report also reveals that 82% of senior management in the UK sees cybersecurity as a very high (37%) or fairly high (47%) priority. The percentage is even higher (95%) when only large businesses are considered. The sector that most consistently treats cybersecurity as a top priority is finance and insurance, where 65% of companies say cybersecurity is a very high priority.
15. Age group of 20 to 39 is the most exposed to cybercrime
Based on 12-month data from Action Fraud gathered by the NFIB, we can see that the age of victims also plays an important role in the distribution of fraud and online crime. The age group that experienced the largest share of cybercrime was young people, aged 20 to 39. Those significantly older or younger than this were affected the least. Victims aged 40 to 49 were the next most affected group.
There are many factors to be considered with these findings, however. As we all know, young people use digital technology more frequently than other groups, and they are also much more likely to report fraud and breaches.
16. Women are more exposed to online crime in the UK
As with age, the gender of victims can be a factor in the prevalence of cybercrime, although a less significant one. According to the same NFIB Fraud and Cyber Crime Dashboard, women are slightly more likely to fall prey to cybercriminals.
Of all victims who reported fraud or a breach, from September 2021 to September 2024, 44% declared themselves as female and 42% as male. The remaining 14% of victims preferred not to reveal their gender.
17. 73% of UK organizations suffered a ransomware attack in 2024
The latest annual Cyberthreat Defence Report also places the UK in the top six countries most hit by ransomware, with over two-thirds (73%) of UK organizations experiencing a ransomware attack or breach in 2024. This also represents a significant 15% rise compared to the year before. Still, this is considerably less compared to the first two countries on this list, China and South Africa, where almost nine out of every 10 organizations (89.6%) suffered a ransomware attack.
18. Most ransomware attacks in the UK don't get stopped prior to data encryption
The State of Ransomware 2024 by Sophos shows that UK organizations stop only 43% of ransomware attacks before the attackers manage to encrypt data. Although this means most ransomware attacks are not prevented in time, the UK still scores above the global average of 35% in this area.
For comparison, organizations in India stopped just 20% of ransomware attacks before data was encrypted, and the Czech Republic and Australia had a similar score (21%). At the other end of the spectrum are countries like Saudi Arabia, where attackers failed to encrypt data in 62% of cases.
19. 13% of UK organizations paid the ransom
The Sophos report from 2020 revealed that around 13% of UK companies paid the ransom demanded by threat actors that year. This was half the global average of 26% and well below the highest-ranked countries: India (66%), Sweden (50%), and the Philippines (32%). This year's report doesn't rank countries by ransom payments, but it mentions that the global share of victims paying the ransom has dropped to 11%.
20. The average cost of ransomware attacks was $1.08 million
Even though most companies nowadays opt not to pay the ransom, repairing the damage done by a ransomware attack can still cost millions. The average cost for UK organizations was $1.08 million, significantly lower than in the other countries on the list.
Belgium and Nigeria reported the highest average ransomware attack costs, at $3.71 million and $3.43 million respectively. Turkey had the lowest average cost of rectifying the damage, $0.37 million. When it comes to the size of the ransom itself (excluding the cost of restoring the business), Japan leads with over $4.3 million paid per organization. Turkey is again last on the list, with $30,846.
21. Only half of the organizations in the UK that pay ransom see their data again
According to Proofpoint, only around 50% of the firms that decide to pay the ransom actually manage to restore their data and systems. The reasons for this are various, but most often the criminals refuse to hand over the data even after the payment has been settled, demanding more money. The ICO and NCSC, on the other hand, keep reminding UK citizens that paying the ransom isn't a reasonable step nor a guarantee that they will see their data again.
For the avoidance of doubt the ICO does not consider the payment of monies to criminals who have attacked a system as mitigating the risk to individuals and this will not reduce any penalties incurred through ICO enforcement action.
22. A .co.uk domain was used by 1.2% of scam websites in 2020
Unsurprisingly, the biggest percentage of scam websites go under .com domains, over 31% of them. Kaspersky’s figures also reveal that the next most popular domains among scammers are various country-code extensions, such as the .ru extension (used by 2.12% of fake sites) and the Brazilian .com.br (1.31%). The UK national domain, .co.uk, made for 1.20% of all sham websites in 2020, making it the fifth most used fake domain in the world at the time.
23. More than 6% of people in the UK attempted to open a phishing link
Although the UK isn't among the countries considered the biggest sources of spam (only about 1.66% of spam content originates from the UK), British people are still not immune to phishing links. A study by Kaspersky from 2021 shows that approximately 6.42% of users in the UK tried opening at least one phishing link within the previous 12 months.
Brazilians were, once again, the most prone to falling for phishing attempts, with 12.39% of users clicking on phishing links. Other regions with higher figures included France (12.21%), Portugal (11.40%), and Mongolia (10.98%).
24. 37% of UK organizations trust cloud-based security solutions
According to CyberEdge, only 37% of UK companies use security services and applications delivered via the cloud. This is more than 4 percentage points below the global average for 2024, which was 41.1%, and far below countries like Brazil (50.03%), the US (50.01%), and Mexico (46.7%). The countries that scored lowest in this respect were Germany and China, where only 31.3% and 30.9% of organizations respectively use cloud-based security solutions.
25. Only 27% of UK employees use a password manager
The 2024 State of the Phish report by Proofpoint points out that less than a third of the UK workforce, 27% to be precise, uses a password manager. This is above the global average of around 21%. Password managers are not strictly necessary, but they are a secure and convenient way of ensuring that every password is unique across websites and strong enough.
Still, on a global level, 30% of employees prefer creating a unique password for each account themselves, and 23% save their login data within a web browser – which is a less safe method.
26. 82% of UK workers know about the hidden dangers of emailing
On a positive note, 82% of UK respondents in the above survey said they were aware of the hidden dangers of emails, such as disguised sender details. On the global level, the results were good as well in this area of cybersecurity – with 86% of respondents recognizing that they should be cautious of unsolicited messages. One of the most worrying findings, however, was that 42% of workers in the US believed all emails with familiar logos were legit.
27. The UK is the #3 country in Europe by stalkerware usage
With the increased usage of technology in all spheres of our lives, there, unfortunately, also came the increased abuse of it. Kaspersky's The State of Stalkerware 2021 report detected victims of this type of offense in 185 countries or territories. The UK was in the top three European countries according to the number of reports of stalkerware, with 430 incidents.
Germany and Italy were the first two countries, with 1,012 and 611 abuse cases. This is still much below some other countries in the world, such as Russia (7,541 incidents), Brazil (4,807), and the US (2,319).
28. The UK GDPR fines are worth over €60 million
With the introduction of the GDPR, the rules of online privacy changed dramatically, and not just in European countries. The CMS Law GDPR Enforcement Tracker keeps a live count of the GDPR fines issued, and the exact sums charged, in each country it covers.
According to it, the UK is among the countries that have charged the highest fines altogether – over €60 million. However, this is nothing compared to Luxembourg, which has collected €746,299,400 from a single fine, by charging Amazon Europe for non-compliance with the GDPR.
29. British Airways received the highest GDPR fine in the UK
Speaking of the single highest fines issued by a country, British Airways was the company that received the highest-ever fine in the UK. In October 2020, the mentioned airline company was charged €22,046,000 for "insufficient technical and organizational measures to ensure information security." Marriott International, Inc. was the second highest-charged company in the UK.
30. The UK has issued 12 GDPR fines so far
However, when it comes to the total number of fines, the UK has issued only 12 of them so far. For comparison's sake, Spain has issued over 500 fines and Italy over 190, as of October 2024.
Have you been pwned?
If you suspect that your email address or phone number has appeared in a data breach, you can check 'Have I Been Pwned?' easily and free of charge. Enter the email address or phone number in the search box on the site, and it tells you whether that identifier has been exposed in a known breach and, if so, which ones. Search each email address or phone number you own separately; you can also sign up for the site's notification service to be alerted when one of your addresses appears in a new breach.
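Have I Been Pwned also exposes a Pwned Passwords range API, which lets you check whether a password has appeared in a breach without ever sending the password, or even its full hash, to the server. The following Python script is an added example (not code from the original page or from Have I Been Pwned itself): it hashes the password with SHA-1, sends only the first five hex characters of the digest to the real endpoint https://api.pwnedpasswords.com/range/, and compares the returned suffixes locally. The sample range body used in the comments is constructed for illustration, and the `fetch` parameter is an injection point I added so the matching logic can be exercised offline.

```python
"""Check a password against Pwned Passwords with k-anonymity.

Only the first 5 hex characters of the SHA-1 digest leave the machine; the
remaining 35 are matched locally against the suffixes the server returns.
"""
import hashlib
import sys
import urllib.request
from typing import Callable, Tuple

RANGE_URL = "https://api.pwnedpasswords.com/range/"  # real HIBP endpoint


def sha1_hex(password: str) -> str:
    """Upper-case hex SHA-1 digest, the form the range API uses."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def split_hash(digest: str) -> Tuple[str, str]:
    """Prefix (5 chars, sent to the server) and suffix (35 chars, kept local)."""
    return digest[:5], digest[5:]


def count_in_range(suffix: str, range_body: str) -> int:
    """Parse a range response ('SUFFIX:COUNT' per line) and return the breach
    count for our suffix, or 0 if absent. Padding entries (Add-Padding header)
    carry a count of 0 and therefore never produce a false positive."""
    for line in range_body.splitlines():
        line = line.strip()
        if ":" not in line:
            continue
        candidate, count = line.split(":", 1)
        if candidate.upper() == suffix:
            return int(count)
    return 0


def fetch_range(prefix: str) -> str:
    """Network call: download every suffix sharing our 5-character prefix."""
    req = urllib.request.Request(
        RANGE_URL + prefix,
        headers={"User-Agent": "pwned-check-example", "Add-Padding": "true"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def pwned_count(password: str, fetch: Callable[[str], str] = fetch_range) -> int:
    """Number of times the password appears in known breaches (0 = not found).
    `fetch` is injectable so the logic can be tested with a constructed body."""
    prefix, suffix = split_hash(sha1_hex(password))
    return count_in_range(suffix, fetch(prefix))


if __name__ == "__main__":
    # Usage: python pwned_check.py 'candidate password'
    candidate = sys.argv[1] if len(sys.argv) > 1 else "password"
    seen = pwned_count(candidate)
    print(f"seen {seen} times in breaches" if seen else "not found in Pwned Passwords")
```

Because the server only ever learns a 5-character prefix shared by several hundred hashes, it cannot tell which password you checked; that is the property that makes this safe to call from a login form or a password-change flow, where a plain "send me the password" API would not be.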
How to protect yourself from cybercrime in the UK?
As the figures above show, it's not only cybercriminals who can mishandle our data. Sometimes even well-known companies become the culprits, often unknowingly, through a lack of knowledge, training, or attention. Luckily, there are steps each of us can take to protect ourselves from cyber breaches and attacks, and they work regardless of whether you live in the UK or anywhere else.
- Apply updates to all the devices and software you own, and apply them promptly. This won't stop every cyberattack, but it significantly improves your chances of staying safe. No software is perfect, but keeping it up to date patches most known vulnerabilities, which is what the majority of opportunistic attacks rely on.
- Use only strong, unique passwords across your accounts. The best passwords should contain random combinations of letters, numbers, and symbols, but even then there's no guarantee. To avoid duplications and weak passwords, you can try a password manager – they also save time and make your life much easier.
- Remember not to share your credentials with anyone, not even relatives and close friends. Sharing, in this case, is definitely not caring. It's not about trusting a person, but you never know who can hack their devices and snatch your data along with theirs.
- Use multi-factor authentication (MFA). Two-factor (2FA) or multi-factor authentication is always a good idea, especially for your most important or sensitive accounts, such as health, banking, and work apps. It adds a layer of security that makes it far harder for criminals to get into your accounts even if they manage to steal your password, although phishing pages that relay one-time codes in real time can still defeat the weaker forms of it, so prefer an authenticator app or a hardware key over SMS codes where you can.
- Get a Virtual Private Network (VPN). It masks your IP address and encrypts your traffic between your device and the VPN server, which keeps it private from anyone on the same network, including on unprotected (public) Wi-Fi. A VPN does not protect you from phishing, malware, or a compromised account, so treat it as one layer rather than a shield. A good VPN doesn't have to cost an arm and a leg, but nine times out of ten we recommend paid services over free ones, as they provide much higher levels of security and privacy.
- Stay alert and don't ignore warnings. Check your mailboxes, bank statements, credit reports, and such regularly. Big institutions are usually reliable and have their safety measures in order, but they're not flawless. There have been many instances when users were the first ones to notice little irregularities on their accounts or mailboxes. If not addressed on time, these can lead to much bigger problems later on.
- Beware of phishing emails and fake websites. Phishing emails are becoming more frequent and sneakier by the day. They can be disguised as tempting offers, last-minute deals, or even fake alerts and breach notifications. Be careful which websites you trust: a site served over http:// rather than https:// sends whatever you type in the clear, but the reverse doesn't hold, since phishing sites routinely use https:// too, so the padlock tells you the connection is encrypted, not that the site is genuine. Look at the actual domain name of the link rather than the brand name that appears somewhere in it, check for copied logos and typos in the mail you receive (they are usually the first warning signs), and be especially careful not to open links from unknown sources or emails that came out of the blue.
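The phishing advice above boils down to a handful of checks on the link itself: is it plain http, does the hostname hide a brand name inside a domain the brand doesn't own, is it an internationalised (punycode) lookalike, a raw IP address, or a `user@host` trick. The script below is an added example, not code from the original page, that runs those checks over a few constructed URLs. The watched brand list and the small table of two-label suffixes are assumptions for the example; a real tool would use the Public Suffix List and the brands you actually use.

```python
"""Heuristic inspection of links from suspicious e-mails.

Each warning corresponds to one of the red flags a reader is told to look for;
an empty result means nothing obviously wrong, not that the link is safe.
"""
import ipaddress
from typing import List
from urllib.parse import urlsplit

# Brands whose name in a hostname we care about (assumed list for the example).
WATCHED_BRANDS = {"paypal", "hmrc", "amazon", "microsoft"}
# Suffixes that take two labels, so that "hmrc.gov.uk" is treated as one
# registered domain (small assumed subset of the Public Suffix List).
TWO_LABEL_SUFFIXES = {"co.uk", "org.uk", "gov.uk", "ac.uk", "com.br"}


def registered_domain(host: str) -> str:
    """The part of the hostname a registrant actually controls."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def inspect_url(url: str) -> List[str]:
    """Return the list of red flags found in a link."""
    warnings: List[str] = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()

    if parts.scheme == "http":
        warnings.append("plain http: anything you type travels unencrypted")
    elif parts.scheme != "https":
        warnings.append(f"unexpected scheme {parts.scheme!r}")

    if not host:
        warnings.append("no hostname in link")
        return warnings
    if is_ip_literal(host):
        warnings.append("raw IP address instead of a domain name")
        return warnings

    if "xn--" in host:
        warnings.append("internationalised (punycode) label: possible homograph")
    if parts.username is not None:
        # Browsers treat everything before '@' as credentials, so the real
        # destination is whatever follows it.
        warnings.append(f"'@' in link: the real host is {host}")

    reg_name = registered_domain(host).split(".")[0]
    netloc = parts.netloc.lower()
    for brand in sorted(WATCHED_BRANDS):
        if brand in netloc and reg_name != brand:
            warnings.append(
                f"'{brand}' appears in the link but the registered domain is "
                f"{registered_domain(host)}"
            )
    return warnings


if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    samples = [
        "https://www.paypal.com/signin",
        "http://paypal.com.account-verify.example/login",
        "https://paypal.com@evil.example/",
        "https://xn--pypal-4ve.com/",
        "https://192.168.0.1/login",
        "https://hmrc.gov.uk/",
    ]
    for link in samples:
        flags = inspect_url(link)
        print(link, "->", "; ".join(flags) if flags else "no obvious red flags")
```

The brand check deliberately errs on the side of noise: a legitimate vanity domain such as a brand's campaign site will trip it, which is the point, since that is exactly the moment a reader should stop and verify the domain by another route rather than trust the email.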