Cybersecurity Ventures, the world’s leading researcher on the global cyber economy, estimates that cybercrime will cost $10.5 trillion by 2025. Not only does that vast sum represent the greatest transfer of economic wealth in human history, it also means that damages caused by cybercrime will have an impact greater than the GDP of all but two countries – the United States and China. It’s no wonder that global businesses, from giant corporations to SMEs, are starting to take bad actors and cyberattacks very seriously. Or are they? In 2020, malware increased by 358% and the average ransomware payment rocketed to about £500,000. With humans the cause of 95% of cybersecurity breaches, phishing attacks cost us £15,000 every minute. That equates to over £20 million a day. If you’re not taking your cybersecurity seriously, isn’t it time that you did?


Accenture reports that the most expensive component of a cyberattack is data loss, averaging $5.9 million per incident. That said, the recent history of massive data breaches is indeed a woeful tale. 2021 was an unforgettable year when we consider the scale of cyberattacks:

  • In May, Colonial Pipeline suffered a ransomware attack that caused fuel shortages across the United States. Hackers infiltrated its network by compromising a single password.
  • In June, meat supplier JBS was hit by a ransomware attack that forced the closure of beef and poultry processing plants on four continents. JBS paid the hackers $11 million to retrieve its data.
  • In August, 48 million individuals had their personal information stolen in a T-Mobile breach. Compromised data included names, dates of birth, driver’s licenses and other forms of ID.

Since 2015, the list of hacked companies has grown steadily – LinkedIn, Robinhood, Panasonic, Equifax, Marriott and Yahoo, to name but a few. Just this month, Uber was hacked for a second time, suffering a breach of its internal systems. The first hack, back in 2016, involved the theft of the personal data of 57 million customers and drivers. Joseph Sullivan, Uber’s former CSO, went on trial after it was alleged that he bribed hackers with $100,000 to delete the stolen data.


There’s a lot of money at stake and the risk of not securing data is more prevalent than ever. So, just how seriously is business taking cybersecurity in terms of regulatory compliance? Here are some interesting facts:

  • CSO Online reports that 66% of businesses say that compliance regulations are driving their IT spending.
  • 78% of businesses expect the annual cost of regulatory compliance to significantly increase year-on-year.
  • According to Gartner, security services now account for 50% of cybersecurity budgets.
  • Approximately 60% of businesses have more than 500 email accounts with non-expiring passwords. That’s a scary statistic for companies that don’t have MFA.
  • GDPR fines totalled $1.2 billion last year with Google being fined $57 million by CNIL, the French data protection watchdog.


How is the UK faring by way of cyberattacks and good cybersecurity practice? In the first seven months of 2021, companies and individuals lost £1.3 billion to cybercrime and fraud, the greatest regional loss of £629 million being in London. Statista has stated that 21% of businesses reported having experienced a cybersecurity breach once in the 12-month period, while 8% said that they experienced them several times a day. 73% of UK organisations were victims of a ransomware attack, a lower share than in the United States (82%) and China (90%). According to CyberEdge, 11.3% of UK IT budgets are spent on security. UK SMEs, in particular, have been warned to get their cyber hygiene in shape. Jason Stirland, CTO at DeltaNet International, said:

“Having a robust cybersecurity strategy in place is critical for organisations of any size, but SMEs are particularly vulnerable as they don’t have access to the same skills and financial resources a large enterprise has. According to research by ENISA EU, 85% of SMEs agree that cybersecurity issues would have a detrimental impact on businesses, with 57% saying they would most likely go out of business.”


In November 2020, the UK government launched the National Cyber Force (NCF), a scheme designed to counter the growing problem of cybercrime. The National Cyber Security Centre (NCSC) is also clamping down on businesses: MSPs and their clients, often SMEs, will be legally required to use MFA to access data. Minister for Media, Data and Digital Infrastructure, Julia Lopez, said:

“As more and more organisations do business online and use a range of IT services to power their services, we must make sure their networks and technology are secure. Today we are taking the next steps in our mission to help firms strengthen their cyber security and encouraging firms across the UK to follow the advice and guidance from the National Cyber Security Centre to secure their businesses’ digital footprint and protect their sensitive data.”


In 2021, cyber insurance premiums rose 96% in Q3, with a 204% year-on-year increase. The impact of this increase is that cover is becoming something of a luxury for SMEs, especially those that are cash-strapped. The UK.GOV Cybersecurity Breaches Survey 2021 confirmed that only 43% of UK businesses have cyber insurance and only 15% execute cybersecurity vulnerability audits. Only 32% of those surveyed have Cyber-Essentials, Cyber-Essentials-Plus or ISO-27001 cybersecurity certification. All in all, the current situation is far from an adequate cybersecurity state of play.


I’ve worked in the professional IT support industry for more than 20 years, having witnessed first-hand the exponential rise in cybercrime. I also know what we need to do to protect ourselves from bad actors. You don’t need to fret about falling prey to hackers through a phishing or ransomware attack. I’m here to help you get your cybersecurity and cyber hygiene into shape. Contact me today and let me show you how.
