The research found that for more than half of the organisations affected, criminal activity resulted in losses of over $100,000, or around £72,000. That’s higher than the 37 per cent of global firms that said such crime had led to damages of that scale. PwC also said that almost a quarter of UK victims admitted to losing more than $1m, or around £720,000, as a result.
But the professional services firm said that despite the stark numbers, UK organisations are generally not doing enough to prevent fraud. In fact, only half of respondents to the survey said that their firm had carried out a fraud risk assessment in the last two years – a first step to establishing a defence. PwC questioned more than 7,000 businesses globally, of which 146 were based in the UK.
Fran Marwood, forensics partner at PwC, said that while the direct losses as a result of fraud and criminal activity are quantifiable, “the wider effects can be far more damaging”. “UK organisations told us that the cost and disruption of sorting out the aftermath, as well as the effect on employee morale, business relations, and brand are big hidden costs,” he said. “Times of uncertainty and change often help fraudsters to exploit weaknesses in an organisation’s systems, so in this current period of rapid business change, understanding the risks and possible avenues for attack is more crucial than ever,” Mr Marwood added.
PwC found that by type, cybercrime has been the most prevalent globally. It found that much of the cybercrime attacks on UK firms come from overseas. Mr Marwood said that cyber defence relies heavily on people understanding the threat, “so training, awareness and escalation routes are just as important as defensive technology”.
Author – Josie Cox