UK Businesses Spend £600K Annually To Repel Cyber Attacks, as More Become Affected by Data Breaches

New researchi from global information and insights company, TransUnion, shows that individual organisations are fighting off more than 500 cyber attacks each year and spending an average of £600K annually on protection, defence and response to cyber threats. 

The study – which spanned organisations across financial services, insurance, law, retail and more – also revealed that 28% of businesses in the UK have experienced a data breach in the last 12 months. This is up slightly on 2021 (26%), with 44% of tech professionals suggesting the challenging economic situation could be contributing to more people attempting to ransom or steal data. 

Of those businesses affected by a data breach in the past 12 months, 40% suffered reputational damage as a consequence and over a quarter (27%) lost customers – in addition to the direct financial impact. More than one in four (29%) had to compensate customers or were fined (26%).  

Kelli Fielding, managing director of consumer interactive at TransUnion in the UK, said: “It’s unsurprising that businesses are spending significant sums on cyber protection, given the potential for reputational damage resulting from data breaches, and subsequent loss of customers,ii alongside the obvious financial implications. As a result, almost half of tech professionals (49%) say there is more pressure than ever on businesses to keep customer data safe.” 

As well as fraud prevention solutions, services are available to assist consumers and give them peace of mind in the event of a data breach, such as free credit report monitoring, fraud victim assistance and dark web monitoring.  

Kelli Fielding continues: “Helping consumers to monitor and minimise the impact if their personal data is compromised could make all the difference to retaining their loyalty, yet despite this, our research showed that the majorityiii of businesses don’t have the tools they would need in place to provide that support.” 

Educating businesses and protecting consumers 

There is some contradiction between what tech experts perceive as the biggest risks and the factors which are having the biggest impact, according to TransUnion’s research. For example, tech professionals see ransomware as the current biggest data breach threat, while employee error is seen as the third biggest risk (14%).  

However, when looking at data breaches that took place in the past 12 months, employee error was by far the most common cause – named as a major factor by 61% of businesses affected. Whilst staff education should form a key part of response plans, the study showed almost one in five (19%) businesses conduct staff training on data breaches less often than once a year. 

Mark Read, head of data breach solutions at TransUnion in the UK, said: “Despite an ever-growing range of threats to data security, human error is still by far the biggest contributing factor. As such, companies should be increasing staff training to reduce these risks, as well as strengthening consumer protection by using tools for identity theft prevention and remediation. 

“TransUnion’s data breach support service helps businesses retain trust by giving consumers access to credit information alerts and dark web monitoring, to help them spot potentially fraudulent activity and safeguard their identity in the event of a data breach.” 

To find out more about how TransUnion’s Data Breach Support Service can help organisations to be better prepared for a data breach and protect consumers, visit https://www.transunion.co.uk/solution/data-breach-support-service


i   Based on research conducted on behalf of TransUnion, between 27 October and 2 November 2022, among a sample of 500 IT professionals working in UK businesses across a range of sectors including banking/finance, information, insurance, law, retail, construction, manufacturing and more. 
ii  27% of businesses affected by a data breach in the past 12 months said that they lost customers. 
iii  57% of businesses don’t have free credit report monitoring, 59% don’t have fraud victim assistance and 60% don‘t have dark web monitoring.