What you need to know about cybercrime

Global cyber and software resilience business NCC Group unpicks 2023 data that shows businesses are underprepared for cyber attacks.

Cybercrime is a frequent occurrence in today's world. Hackers attack every 39 seconds, meaning a cyber attack takes place 2,244 times a day. According to IBM’s Cost of a Data Breach Report 2023, the average cost of a data breach on a global scale was an estimated $4.45m in 2023.

Despite the intensity of attacks, 77% of security and IT professionals worldwide indicate they do not have an incident response plan applied consistently throughout the company.

This may negatively impact the amount of time it takes to identify and contain a breach, which in turn increases the cost of a breach.

The average time to identify and contain a breach in 2023 was 204 days. However, research by the Ponemon Institute, a US research centre dedicated to privacy, data protection and information security policy, indicates a breach with a life cycle under 200 days costs $1m less than one with a lifecycle of more than 200 days.

The impact of remote working on cyber strategy

The situation for businesses is further complicated by the challenges and increased vulnerabilities that have been brought on by the growing use of remote working across the globe in recent years.

According to research by the Ponemon Institute, 76% of respondents whose companies have shifted to remote work expect that working from home could increase the time it takes to identify and contain a data breach. Additionally, 70% of respondents expect that remote working could increase the cost of a data breach.

There is a disconnect between business' experience and concern about cyber security threats, and their understanding and ability to implement effective preventative measures.

The most significant barriers to good cyber security practices are typically:

  • A lack of dedicated IT security staff, as well as difficulty recruiting cyber talent
  • Insufficient planning for and response to cyber incidents
  • A failure to identify weaknesses, or uncertainty about where to begin
  • Underestimation of cyber security risks
  • Limited understanding of their own cyber security posture


The reality of cybercrime is that it's more likely a case of when and how bad an incident will be for an organisation, rather than if it will occur.

And while you can't control when an attack will happen, you can limit its impact through effective preparation and a detailed incident response plan.

Common cyber threats

Three of the most common cyber threats to organisations of all sizes are malware, phishing, and ransomware.

  1. Malware
    Malicious software, including viruses, spyware, trojans and worms, designed to access important information, take control of a person's computer or spy on them.
  2. Phishing
    The use of fraudulent emails to trick victims out of money or information, or into downloading malware. The emails will mimic individuals or organizations that the person knows and trusts.
  3. Ransomware
    A type of malware that locks down your computer or files until a ransom is paid. They usually gain access via a legitimate-looking email link or attachment and often ask for payment in cryptocurrencies.

Which sectors are more at risk?

While every organisation should prepare for cyber threats such as these, this is especially important if your business falls into one of the most at-risk industries for cybercrime: healthcare, manufacturing, financial services, government agencies, and education.

These industries are highly targeted for several reasons, including the personal data and intellectual property they hold, the amount of money they handle and the impact that their service disruption could have on a society or State.

Preparing for a cyber incident

It's important to first review preventative measures when looking to reduce the risk of a cyber attack. However, the likelihood of businesses experiencing a cyber incident is high, so effective risk management must also include a cyber incident response plan and team.

It’s never been more important to have a cyber incident response plan in place, but the majority of firms simply don’t have one. The likelihood and cost of a cyber-attack is high, so I implore every firm to learn more about cyber planning and take action - now.

Neil Bellamy
Head of Technology, Media & Telecoms, NatWest Group

To learn more or read NCC Group’s Guide to Incident Response Planning, visit NCC Group.

This material is published by NatWest Group plc (“NatWest Group”), for information purposes only and should not be regarded as providing any specific advice. Recipients should make their own independent evaluation of this information and no action should be taken, solely relying on it. This material should not be reproduced or disclosed without our consent. It is not intended for distribution in any jurisdiction in which this would be prohibited. Whilst this information is believed to be reliable, it has not been independently verified by NatWest Group and NatWest Group makes no representation or warranty (express or implied) of any kind, as regards the accuracy or completeness of this information, nor does it accept any responsibility or liability for any loss or damage arising in any way from any use made of or reliance placed on, this information. Unless otherwise stated, any views, forecasts, or estimates are solely those of NatWest Group, as of this date and are subject to change without notice. Copyright © NatWest Group. All rights reserved.

scroll to top