Over 50% of businesses increased their cyber security budget last year amid attacks

• 53% of businesses surveyed by EY say their cyber security budget has increased over the last year
• Two thirds of businesses cite ‘customer personal and identifiable information’ as the most valuable asset to protect
• The average spend on cyber security for businesses in the UK is £4,590 per year
In an age of technology, cyber-attacks are becoming more prevalent, more frequent and more threatening than ever before. Now that the majority of institutions, particularly in the financial sector, are opting to transform their operations via new digital channels, automation and other advanced technologies, the dangers to companies are significantly heightened.


As a result, Turnerlittle.com sought to find out how cyber security threats have increased in recent years, and what companies are, and should, be doing to prevent cyber-attacks.
With the sudden increase in the frequency and scope of cyber-attacks around the world, new and impending regulations, have already prompted some of the financial sector’s biggest names to review their cyber security plans. In a recent Ernst & Young report, Turner Little found that more than half of respondents (53%) say their cyber security budget has increased over the last year.

Cyber security is becoming a number 1 priority for businesses
In 2018, many companies understand that cyber security is a major risk, perhaps even the number one priority; particularly for technology-heavy companies. Cyber risks are constantly changing and are difficult to keep up with, which can be destructive. Unfortunately, no business can completely protect itself from a cyber-attack, but they can implement plans and strategies to help prevent breaches from occurring.

For many companies, customer data is paramount, with a staggering 65% of businesses citing customer personal and identifiable information as the most valuable asset to protect, while 36% cited customer passwords.

Turnerlittle.com found that these were followed by:
• Company financial information – 19.5%
• Corporate strategic plans – 18.4%
• Senior executive/board member personal information – 15.1%
• Information exchanged during M&A activities – 11.5%
• Patented intellectual property (IP) – 10.1%
• R&D information – 9.6%
• Non-patented IP – 8.3%
• Supplier/vendor identifiable information – 4.2%
Information for Immediate Release turnerlittle.com
Turnerlittle.com found, at present, there is a shortage of individuals with the skills and knowhow
to deal with cyber security threats in business. Turner Little’s analysis of EY’s report can
reveal that at all levels, there is a lack of training regarding how cyber risk should be handled
in day-to-day business life.
Companies must increase cyber security awareness training, whilst instilling an understanding
of how cyber risks can impact different roles and individual projects, as well as harming
overall businesses (e.g. impacting corporate reputation, business acquisition and client
Analysing a 2017 report by Gov.uk, Turnerlittle.com found that, over the last 12 months, some
businesses are trying to offer cyber security training, either internally or externally. Although,
from the report, Turner Little concluded that training must be more accessible.
The following companies pursuing cyber security training:
• Small firms – 25%
• Medium firms – 43%
• Large firms – 63%
• Within finance/insurance – 49%
• Within info/
communications/utilities – 41%
Of these companies, the employees who attend the training courses varies. Unsurprisingly, IT
staff had the highest attendance (79%), followed by directors or senior management staff
(59%), staff members whose job role includes information security or governance (47%) and
other staff who aren’t cyber security or IT specialists (29%).
The ‘cost’ of a cyber breach is more than just money…
Turner Little found that cyber security can be expensive for companies; particularly those that
are deemed “small”. According to Gov.uk, the mean spend on cyber security of all businesses in
the UK is £4,590, and for large businesses, the mean spend reaches a staggering £387,000.
However, it is worth it in the long run, as Turner Little found that the average cost of breaches
to all businesses in the UK reached £1,570 in the last 12 months – and £19,600 for large firms.
James Turner, Managing Director of Turnerlittle.com commented:
“Cyber security is something every business must be investing in. In this day and age, with the
increases in technology and software, businesses are constantly under attack from hackers – both
big and small. It is vital companies assess their cyber security plans continuously to ensure all
data is secure.”
He added: “Despite the cost, it is important to ensure that all employees understand how
dangerous cyber breaches can be, and what their costs are – particularly in larger firms where
the aftermath can be highly detrimental to the company’s reputation and client retention.”