Top Banner

Click here to load reader

Cyber security 2013 - Technical Report

Oct 19, 2014




2013 Information Security Breaches Survey Technical Report

Technical Report


Survey conducted by

In association with


Commissioned by: The Department for Business, Innovation and Skills (BIS) is building a dynamic and competitive UK economy by: creating the conditions for business success; promoting innovation, enterprise and science; and giving everyone the skills and opportunities to succeed. To achieve this it will foster world-class universities and promote an open global economy. BIS - Investing in our future. For further information, see

Conducted by:

In association with:

Information security:

Cover image:

PwC rms help organisations and individuals create the value theyre looking for. Were a network of rms in 158 countries with close to 169,000 people who are committed to delivering quality in assurance, tax and advisory services. Tell us what matters to you and nd out more by visiting us at Our security practice, spanning across our global network, has more than 30 years experience, with over 200 information security professionals in the UK and 3,500 globally. Our integrated approach recognises the multi-faceted nature of information security and draws on specialists in process improvement, value management, change management, human resources, forensics, risk, and our own legal rm. PwC has gained an international reputation for its technical expertise and strong security skills in strategy, design, implementation and assessment services.

The PwC team was led by Chris Potter and Andrew Miller. Wed like to thank all the survey respondents for their contribution to this survey.

Infosecurity Europe, celebrating 18 years at the heart of the industry in 2013, is Europes number one Information Security event. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and over 12,000 visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Organised by Reed Exhibitions, the worlds largest tradeshow organiser, Infosecurity Europe is one of four Infosecurity events around the world with events also running in Belgium, Netherlands and Russia. Infosecurity Europe runs from the 23rd 25th April 2013, in Earls Court, London. For further information please visit

Reed Exhibitions is the worlds leading events organizer, with over 500 events in 41 countries. In 2012 Reed brought together seven million active event participants from around the world generating billions of dollars in business. Today Reed events are held throughout the Americas, Europe, the Middle East, Asia Pacic and Africa and organized by 34 fully staffed of ces. Reed Exhibitions serves 44 industry sectors with trade and consumer events and is part of the Reed Elsevier Group plc, a world-leading publisher and information provider.

The preservation of the condentiality, integrity and accessibility of information. In addition, other properties such as authenticity, accountability, non-repudiation and reliability can be involved.

The unique markings on each zebra are used as an effective defence mechanism to confuse predators. Large cats can only see in monochrome, so a zeal of zebra running in their natural habitat makes it dif cult to identify individual prey.

Chris PotterInformation security assurance partner

Andrew BeardInformation security advisory director



The Department for Business, Innovation and Skills recognises the importance of producing reliable information about cyber security breaches, and making it publicly available. I welcome the fact that so many businesses across the UK economy have shared their experiences for the 2013 Breaches Survey, a key commitment in the Governments UK Cyber Security Strategy. Businesses need to be informed about the severity of the threat - and the impact. This years survey clearly demonstrates the damage being done to UK companies in cyberspace. Understanding the risks is critical in addressing the challenge of how to manage them. Proactive management of risks represents a competitive advantage; effective cyber security is good for business. The information in this report will support all our efforts in cyberspace.

Survey approach

This is the latest of the series of Information Security Breaches Surveys, carried out every couple of years since the early 1990s. Infosecurity Europe carried out the survey, and PwC analysed the results and wrote the report.

To maximise the response rate and reduce the burden on respondents, this years survey questions were broken up into four online questionnaires. Some questions were included in all four questionnaires. In common with the 2010 and 2012 surveys, respondents completed the survey during the February-March period on a self-select basis.

In total, there were 1,402 respondents. As with any survey of this kind, we would not necessarily expect every respondent to know the answers to every question. For presentation of percentages, we have consistently stripped out the Dont Knows and Not Applicables. If the proportion of Dont Knows was signi cant, we refer to this in the text.

As a result, the number of responses varied signicantly by question, so weve included against each gure in the report the number of responses received. This gives a good guide to the margin of error from sampling error to apply when extrapolating the results (at 95% con dence levels, the margin of error on 1,000, 600 and 100 response samples is +/- 3%, +/-4% and +/- 10% respectively).

As in the past, we have presented the results for large organisations (more than 250 employees) and small businesses (less than 50 employees) separately, and explained in the text any differences seen for medium-sized ones (50-249 employees). The 2008 and earlier surveys quoted overall statistics based on a weighted average; these were virtually identical to the results for small businesses.

Respondents came from all industry sectors, with a sector breakdown that is consistent with that seen in previous surveys. As in 2012, roughly a third of the respondents were information security professionals, roughly a third were IT staff and the remainder were business managers, executives or non-executive directors. As in the past, the highest response rates were from companies headquartered in London or the South-East of England; these made up just under half of the respondents.

ISBS 2013

Rt Hon David Willetts MP, Minister for Universities and Science.

How many staff did each respondent employ in the UK?

Figure 1 (based on 1,365 responses)









21% 23%






ISBS 2012 ISBS 2013

Less than 10 employees 250-499 employees

10-49 employees 500 or more employees

50-249 employees

In what sector was each respondents main business activity?

Figure 2 (based on 1,402 responses)






8% 6%


3% 3%

2 21


Other Banking

Property and construction Insurance

Pharmaceutical Other financial services

Manufacturing Government

Utilities, energy and mining Education

Travel, leisure and entertainment Health

Telecommunications Retail and distribution

Technology Services


Executive Summary INFORMATION SECURITY BREACHES SURVEY 2013 | technical report

Security breaches reach highest ever levels Both external attacks and the insider threat are signi cant

The number of security breaches affecting UK business continues to increase. Attacks by outsiders (such as criminals, hacktivists and

The rise is most notable for small businesses; theyre now experiencing incident levels previously only seen in larger organisations.

Large organisations

(> 250 staff)

Overall cost of security breaches

Average number of breaches in the year

% of respondents that had a breach

Cost of worst breach of the year

Trend since 2012 Small

businesses (< 50 staff)

competitors) cause by far the most security breaches in large businesses - the average large business faces a signi cant attack every few days.

of large organisations were attacked by an unauthorised outsider in the last year (up from 73% a year ago)

of large organisations were hit by denial-of-service attacks in the last year (up from 30% a year ago)



of large organisations detected that outsiders had successfully penetrated their network in the last year (up from 15% a year ago)

of large organisations know that outsiders have stolen their intellectual property or condential data in the last year (up from 12% a year ago)



of large organisations had a security breach last year93%

Small businesses used not to be a target, but are now also reporting increasing attacks.

of small businesses were attacked by an unauthorised outsider in the last year (up from 41% a year ago)

63%of small businesses had a security breach in the last year (up from 76% a year ago)

87% of small businesses were hit by denial-of-service attacks in