Talion is a finalist for Best SIEM Solution for the 4th year in a row

Talion is a finalist for Best SIEM Solution for the 4th year in a row

5 Key Findings From The Cyber Security Breaches Survey 2022 - Talion

It’s that time of the year again – the release of the government’s Cyber Security Breaches Survey!

The report explores the approach to cybersecurity within businesses, charities and educational institutions, regarding the different cyber-attacks they face, the cost of these attacks, security practices in place and more.

To save time reading the full report, we’ve gathered 5 key points from the survey that we believe are particularly important for organisations to know.


Attacks aren’t always identified

This year, 39% of UK businesses identified a cyber-attack, remaining consistent with the previous year. However, with the deployment of enhanced cyber security measures by many companies, there comes a higher identification of attacks. Organisations without this level of visibility may be underreporting – not only does this skew survey statistics, but do these less cyber mature companies then fall into a trap of believing that they are safe when they’re not?

We’ve seen an encouraging trend for organisations to share their stories to increase awareness and understanding in community-run groups such as #RansomAware. We believe this provides important insights into the struggles organisations currently face, since peers can read one another’s real life experiences which are often more relatable, reliable and detail-specific than a simple statistics. This sharing also means that organisations have the opportunity to learn from one another.


Cybersecurity is high priority for these 3 sectors…

Cybersecurity is becoming increasingly important as statistics reach an all-time high, perhaps an outcome of last year when it was deprioritised to focus on business continuity during the pandemic.

Due to the handling of huge amounts of personal identifiable information (PII), it’s no surprise that the sectors that place the highest priority on cybersecurity are Finance & Insurance, Health/Social Care and Information & Communications. However, we believe Higher Education is an emerging priority sector – one that has been under-resourced and under-researched.

In Sophos’ State of Ransomware survey of 499 IT decision makers in the education sector, it was found that nearly half of organisations were hit by ransomware in the last year. With relatively low budgets, the need to manage a transitory workforce, and the difficulty of employee compliance, amongst many more unique challenges, the Higher Education sector may struggle to remediate these attacks as time goes on.




Lack of board members with responsibility for cybersecurity

Although four in five (82%) of boards or senior management within UK businesses rate cyber security as ‘very high’ or ‘fairly high’ priority, only 34% of businesses have a board member responsible for cybersecurity. This lack of representation across senior leadership creates a barrier to secure appropriate amounts of funding for cybersecurity measures and can result in significant pressure on IT teams to deliver without the board’s support. This can create a reactive approach where board members view investment in cybersecurity as a cost rather than an investment and it can also lead to unnecessary spending in the wrong areas.

Organisations would benefit from board meetings that encourage communication between the security experts and senior leadership to evaluate business continuity and resilience in an environment that welcomes questions, challenges and productive solutions that work for the business. The Cyber Security Breaches Survey has acknowledged that having a senior leader with a good understanding of cybersecurity improved the knowledge of other board members and increased awareness amongst the wider body of staff, however for those organisations where this doesn’t seem immediately possible, communication is a good starting point.

If cybersecurity issues can be presented as more than just an IT issue but a fundamental risk to the business continuity as a whole, board members are more likely to take appropriate action.


Cybersecurity practices are completely overlooked by almost half of organisations

Only 54% of organisations carried out at least one of the following activities in 2022:

  • Used specific tools designed for security monitoring
  • Risk assessment covering cyber security risks
  • Tested staff (e.g. with mock phishing exercises)
  • Carried out a cyber security vulnerability audit
  • Engaged in penetration testing
  • Invested in threat intelligence

With the ever-increasing number of cyber-attacks, this is a very low number. Whilst larger organisations can often afford to invest in cybersecurity measures, smaller businesses may lose out or feel overwhelmed by the prospect, consequently avoiding the problem.



The NCSC has a cybersecurity guide dedicated to small businesses with practical and affordable recommendations, such as backing up data, using passwords smartly and keeping smartphones safe. However, cyber hygiene is not enough and it’s inevitable that employees will still click on links. SME’s are best looking to hybrid solutions to bring the best value to their needs, such as Threat Intelligence and Managed, Detection and Response (MDR) services.


Only 23% of businesses have a formal cyber security strategy

Once the car has crashed is not the time to go looking for car insurance; it’s the time you want to make that phone call to your insurer and have everything taken care of. The same goes for a cyber-attack. It’s vital that companies have a strategy in place before something goes wrong. Because it will.

Try asking yourself the following questions in regards to your organisation:

  • What are your “crown jewels” – those assets that you really cannot afford to lose or have compromised?
  • What would happen to your business if you suffered a breach?
  • Who would you call in an emergency?
  • Who will notify the Information Commissioner’s Office (ICO) when you suffer a breach?
  • How would you address your customers in this situation? Whose responsibility will it be?

If any issues arise when answering these questions, it may be time for your organisation to reconsider your approach to security to ensure the appropriate action can be taken to resolve any problems.

40% of businesses overall use MSPs to help outsource the management of their cybersecurity – this is affordable and effective for many organisations where IT teams are overwhelmed with security alerts.

Managed Software Service Providers (MSSPs) go one step beyond to offer your business a helping hand, taking control of the identification, analysis and remediation of cyber threats with greater speed and accuracy, improving your security posture. This can be useful for even the smaller companies, which may not have a dedicated security team or are struggling to bear the weight of security alerts with a lean team.



Overall, the Cyber Security Breaches Survey 2022 has positively shown that organisations are placing a greater emphasis than before on cybersecurity with higher engagement amongst staff. Despite this, businesses still lack organization, planning, and communication necessary to deal with the impact on their business when something goes wrong. Gaps remain around cyber hygiene – it’s one thing knowing what’s good practice, and another implementing that practice.

Improving cybersecurity practices is an ongoing process that organisations will constantly find themselves reviewing, changing, and evaluating, but with greater awareness and understanding, cyber protection is achievable.

To read the full report of the Cyber Security Breaches Survey 2022, click here.

For further insight into the benefits of a Managed Detection and Response (MDR) service for mitigating cyber risk, download the brochure here.

Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
24x7x365 UK-based Security Operations Centre
Service underpinned by market leading threat intelligence team
Continually developed threat relevant content, backed by SLAs
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Experts in SIEM and SOAR technology
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.

CISO Cyber Dinner – Register Your Interest!

Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.