The Department of Trade and Industry's Information Security Breaches Survey 2004, published in full on Tuesday, showed that two-thirds of U.K. companies fell victim to a network attack in the past year.
Get Up to Speed on...
Get the latest headlines and
company-specific news in our
expanded GUTS section.
The average cost of a serious breach actually dropped to 10,000 pounds ($18,000), compared with $54,000 in 2002, but with the number of malicious incidents, the overall cost of IT security breaches remains broadly unchanged.
The results from the survey show that many major businesses are losing millions of pounds through failed IT security. The average cost of a serious break-in to a large company is $215,000, and these large companies are suffering about four breaches a month--compared with one a month for all businesses.
Launching this year's report, e-commerce minister Stephen Timms said the United Kingdom has reached a watershed for IT security.
"Until now, it was possible to believe that security problems are something that happened to someone else. That illusion has finally been laid to rest," Timms said.
According to the DTI survey, just a third of U.K. companies--and two-thirds of large businesses--have an IT security policy.
"We can't yet say, on the base of this survey, that risks are being well-managed by U.K. companies," Timms said.
Graeme Wearden of ZDNet UK reported from London.