You may have seen the news yesterday about auction site giant ebay suffering a cyber attack, leading to the data of their 233m users being compromised, including names, e-mails, phone numbers and date of birth information.

When companies of this magnitude can be vulnerable, it’s clear that every company holding personal data on customers needs to be extra vigilant.

Although UK data breaches have fallen in number in the past year, their cost has increased dramatically, according to a study on security commissioned by the government. The study shows that small businesses took the hardest hit, with the cost of data breaches for businesses with less than 250 employees almost doubling from between £35,000 and £65,000 a year ago to between £65,000 and £115,000 currently.

More than half of the respondents in the study expressed the negative prediction that despite the slight decline in breaches they will in fact go up again in the not-so-distant future.

Nevertheless, the number of organisations that suffered a successful attack or experienced data loss has decreased by around 5%. Organisations which suffered from repeated breaches also reported an improvement.

However, malware attacks are on the rise the study warns, with the number of large organisations which were infected by viruses or malicious software jumping from 59% to 73%. Larger organisations which reported that outsiders had penetrated their network and had stolen intellectual property or confidential data came to 16%, yet not all reported the loss of such data to the relevant authorities.

On the positive side, the study points to an increase in overall investment in security across all industries, including those that have small IT budgets. An improvement was also noticed in access to skills and resources and a big drop in staff-related breaches was noted. Employees do continue to be involved in security breaches, however, with 31% of the worst breaches in the past year being caused by human error, Computer Weekly reports.

Presenting the study’s findings at the 2014 InfoSec conference, Minister for Universities and Science David Willetts said these findings indicate there is more to be done, but the government takes cyber breaches very seriously and is tackling the issue to ensure better cyber security.

It is evident that it is becoming increasingly important for businesses to evaluate all the risks they face, and include IT security and protection requirements in their overall contingency strategy. If you would like to review your business or cyber risks why not get in touch to see how we can help you.