Press Release

UK businesses struggle to balance security budgets as cyber incidents soar

Wed 4 Oct 2023

UK businesses have experienced on average 30 cyber incidents over the last twelve months, marking a 25% increase compared to last year, according to a new report out today.

Despite spending more than £40,000 a year on cyber protection such as vulnerability assessments, penetration testing, and red team engagements, the report found that more than a quarter (27%) of organisations think their cybersecurity budget is inadequate to fully protect them from growing threats.

The data comes from iomart and Oxford Economics’ ‘State of Cyber Security in the UK 2023’ report, which surveyed 500 executives from UK businesses.

It found that tight budgets continue to be the biggest barrier for improved cybersecurity. In fact, the rising cost of cyber insurance premiums is one of the biggest financial outlays, with 70% of businesses noting a rise over the last two years.

“Our latest security report with Oxford Economics is a temperature check on the cyber challenges businesses face. It is clear the threat of cybercrime is rising, but there’s a lack of confidence in organisations’ abilities to protect themselves against it,” said Lucy Dimes, CEO of iomart.

With the cost of remediation and other businesses expenses, such as energy, on the rise, stretched budgets are causing blind spots in businesses’ cyber strategies.

Only 37% of respondents have security embedded into all their business processes and functions, while 14% admitted that security is only addressed on an adhoc or as-needed basis.

Meanwhile during the COVID-19 pandemic, 41% of organisations were forced to sacrifice cybersecurity to keep the lights on.

The report also found that a lack of key skills remains one of the main concerns to tackling rising cyberthreats. So much so that 30% of cyber staff admit to currently facing burnout.

This pressure also means that less than half of companies are confident in their ability to handle the biggest threats facing organisations, including phishing (56%) and malware (55%).

Emerging technologies

Despite these challenges, businesses are optimistic about the role of nascent technologies such as AI and ML.

More than a third (38%) of businesses believe the use of AI and ML will be a major trend in cybersecurity over the next two years, particularly to support with email screening (78%) and contextual analytics (69%).

“There are ways to relieve these pressures, with effective strategies being developed and new technologies such as AI being embraced. Working alongside trusted partners can also ensure companies have adequate cyber strategies tailored to their business needs and challenges,” added Dimes.

Hungry for more tech news?

Sign up for your weekly tech briefings!

Send us a correction Send us a news tip