Two in five businesses have experienced a cyberattack over the course of the past year, with one particular threat by far the most commonly faced.
And the rise in remote working coupled with a slight drop in organisations using security monitoring tools to identify abnormal activity could mean that the actual number of organisations that have fallen victim to cybercrime is higher – and they just don't know they've been compromised yet.
The figures are detailed in the annual Cyber Security Breaches Survey from the Department for Digital, Culture, Media and Sport (DCMS), which shows how businesses approach cybersecurity and the impact of attacks.
The 2021 report follows a year in which organisations had to quickly adapt to remote working, potentially heightening cyber risk as employees were no longer protected behind corporate firewalls, but were instead working from their own homes.
Over 80% of organisations that identified cyberattacks during the past year were targeted by phishing emails, with cyber criminals using malicious messages in efforts to drop malware or coerce people into clicking on malicious links.
Just over a quarter of organisations identified email attacks where attackers were impersonating people or businesses online – this could be either an attempt to steal credentials or an attempted Business Email Compromise attack, where cyber criminals try to trick employees into making large financial transfers, often under the pretence of an important business deal or contract.
Email has long been a common means of conducting cyberattacks, but the shift towards remote work over the past year means people are more reliant on it for workplace collaboration. The report suggests that this could be why some businesses aren't able to identify cyberattacks or data breaches.
Just over one in twenty organisations say they've identified an attempted ransomware attack.
While the majority of organisations that have identified a cyberattack have attempted to take action, including providing additional staff training, updating antivirus software, changing firewall configurations or installing other new software, just over a third didn't take any action at all after detecting an incident.
The report also notes that there's been an increase in organisations that have taken out some form of cyber insurance in order to help cover the financial costs associated with cyberattacks.
The report makes several recommendations to organisations in order to ensure their networks are secure and resilient to cyberattacks. These include protecting accounts with multi-factor authentication and boosting staff awareness around cybersecurity issues with training.
The report also recommends that organisations take more action around supply chain risk management, so there's greater protection against attacks that might attempt to exploit the supply chain as a means of network access.
"It is important for organisations, management boards and IT teams to recognise that good cybersecurity facilitates better business resilience. This has not always been appreciated during the pandemic, when the focus on short-term business and IT service continuity has sometimes overshadowed discussions on cybersecurity," said the report.
"When emerging from the pandemic, there may be an opportunity for cybersecurity teams to reframe these discussions, to show that cybersecurity is an integral component of business resilience," it concluded.