The truth about the rising cost of data breaches

Whilst many businesses are increasingly vigilant in amending their work policies to mitigate the risk of cyber-attacks, many still don’t have adequate protective measures against cybercrime in place.

In the Cyber Security Breaches Survey 2019, recently published by the Department for Digital, Culture, Media and Sport (DCMS), findings suggest that larger business are still more likely to prioritise cybersecurity compared to smaller business and charities. Smaller businesses usually consider themselves to be less of a risk due to their scale, but there is little variation in the number of attacks between small and medium businesses, high-income charities and large businesses.

The rising cost of breaches

Despite the number of targeted attacks with a financial impact decreasing slightly over the last year, the overall costs to those who are affected have risen drastically. Since 2017 when the average direct cost to businesses was £1,380, this figure has now grown to £3,150 in 2019. This amount doesn’t consider recovery costs and long-term costs which both add up to approximately £3,000 on average.

Understanding your costs

The estimated costs of breaches in the past year varied widely across businesses, ranging between £300 and £100,000 across techniques including malware, ransomware, phishing emails and more. Concerns were raised during this survey that company management struggled to predict the full financial impact of a data breach and often failed to assess the bigger picture.

For example, whilst ransomware might cost your business £5,000 to restore all your systems, you would also need to account for any company downtime, loss of business incurred from reputational damage and the cost of implementing new systems and structures to ensure the same thing doesn’t happen again.

Protecting your finances

Although the number of large and medium businesses protecting their businesses with cyber insurance has risen in the past year, only 11% of all businesses and 6% of charities have specialised cover in place. What’s more, just over a third of businesses have a board member or trustee with specific responsibility for cybersecurity.

It’s important that, regardless of the size or nature of your business or charity, you are fully aware of both the immediate and long-term impact that cybercrime could pose to your operation.


Act now to protect your business from the threat of a cyber-attack or data breach.

If you would like more information or to discuss a quotation, please get in touch with your usual Darwin Clayton representative at Tunbridge Wells 01892 511144 or Nottingham 0115 9517030.

Data Breach