Nearly Half Of UK Organisations Suffer Multiple Breaches

New research has highlighted a number of worrying trends and developments in the cybersecurity space for UK organisations.

It comes in a new report from application security testing specialist Checkmarx, which uncovered a number of alarming trends in cyber breaches, supply chain attacks and security confidence.

It comes after Vodafone today said it was examining reports that 200GB of data, including source code data is being touted for released by a hacker group.

Multiple breaches

The Checkmarx report meanwhile, entitled “AppSec: The View from Security and Software Development Experts” found that 45 percent of UK respondents in firms with more than 1,000 staff, have been breached twice in the last 12 months as a direct result of a vulnerable application.

Indeed, 22 percent of respondents said they had been breached three times.

And the survey made it clear that internal security teams are being held responsible, with organisations not adverse to penalising those deemed responsible for protection against security breaches.

A third (34 percent) of UK organisations who had experienced a security breach relating to an application in the year preceding the survey, have laid off staff seen as bearing responsibility.

The research, carried out last year, gathered combined responses from 1,524 application security (AppSec) managers and software developers across the US, UK, France, and other countries.

The survey also looked at what led to these breaches, with 43 percent of respondents stating they suffered a software supply chain attack, an attack vector proving to be a popular option among malicious threat actors.

The Checkmarx report also found other factors which contributed to breaches include cloud application misconfigurations (40 percent), malicious third-party packages or components (39 percent), and known, but unpatched, vulnerabilities (38 percent).

The report also found that breaches delivered a number of outcomes, with respondents reporting these to be theft or loss of customer data (40 percent), loss of customers (39 percent), decline in customer trust (34 percent), intellectual property theft or loss (33 percent), and loss of revenue (32 percent).

NCSC warnings

The Checkmarx report and its findings comes after the UK’s cyber guardian, namely GCHQ’s National Cyber Security Centre (NCSC) has issued multiple warnings to UK organisations to shore up their cyber defences.

This has been echoed by UK allies, and comes amid a worsening geopolitical situation in Ukraine after Russia’s invasion.

That said, security experts and observers have expressed surprise that the conflict has not involved great numbers of cyberattacks.