skip navigation
skip mega-menu

Just 19% of Companies have Tested their Employee Response to a Cyber Incident

By The North West Cyber Resilience Centre

Employers are being urged to introduce security awareness training and make sure staff are regularly tested as the DCMS report finds many firms aren’t training their staff on the basics.

The Government’s Cyber Security Breaches Survey reported that only 19% have tested their staff response to cyber incidents and just 17% of businesses train staff on cyber security.

The stats - 2022 Cyber Security Breaches Survey


The report is an influential research study for UK cyber resilience, aligning with the National Cyber Strategy, which found: 

  • The average annual cost for a business is £4,200 for lost data or assets after breaches (for medium and large businesses the figure rises to £19,400)
  • The report found that whilst many firms (45%) allow staff to use personal devices when working from home during the pandemic, just 36% of firms have a form of cyber security policy
  • Only 19% of businesses have a formal incident response plan
  • With resources continuing to be stretched after such a hectic last 2 years, just 34% have business continuity plans that mention cyber security
  • Only 17% have completed an audit of their cyber security vulnerabilities.

Start your Cyber Incident Plan

Businesses can start to be prepared by downloading our Cyber Incident Pack which contains documents to help support your business plan its response to a cyber incident. These documents are designed to complement any existing plans or assist you in creating one.

Train your staff with the Cyber Resilience Centre

Business in Greater Manchester can train their staff for free with the Cyber Resilience Centre's fully-funded Business Resilience Program

Want us to deliver security awareness training to your whole business? Contact us today to learn more. 

Subscribe to our newsletter

Sign up here