Here’s how organisations are handling their cyber-security risks

Every year, the Department for Digital, Culture, Media & Sport releases their annual Cyber Security Breaches Survey. This year’s data allows organisations to take a closer look at top cyber-threats, analyse the impacts of disruptive breaches and understand the importance of managing cyber-security risks. Indeed, 32 per cent of businesses and 22 per cent of charities experienced a cyber-attack in the last 12 months.


Between these startling statistics and the first anniversary of the implementation of GDPR , it’s no surprise that nearly 80 per cent of businesses and 75 per cent of charities now rate cyber-security as a high priority—more than ever before. As a result, the survey data reported these top organisational approaches to cyber-security:

1) Controls and policies – Common controls that organisations have implemented to bolster their cyber-security efforts include applying available software updates, having updated malware protection and using firewalls with appropriate configuration. In addition, 33 per cent of businesses and 36 per cent of charities have a workplace policy or policies that cover cyber-security risks.

2) Staff training – Nearly 30 per cent of both businesses and charities trained their staff on cyber-security this past year. Also, 35 per cent of businesses and 30 per cent of charities have at least one board member or trustee that is responsible for cyber-security.

3) Documentation – 62 per cent of businesses and 60 per cent of charities have taken action to identify and document cyber-security this past year. Top actions include business-as-usual routine health checks, cyber-risk assessments and internal audits.

Apart from these methods, only 11 per cent of businesses and 6 per cent of charities have a cyber-security insurance policy. Don’t miss out on the best form of protection against cyber-attacks.


Please contact Finch Director Neal Lumb on 07599 718453 or email neal.lumb@finchib.co.uk to discuss cyber insurance solutions.



The content of this Profile is of general interest and is not intended to apply to specific circumstances. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly. © 2019 Zywave, Inc. All rights reserved.