What Is a Cyber Breach and What Should You Do?
A clear, direct answer to this question — written for UK business owners and IT decision-makers.
Direct Answer
A cyber breach is any incident where unauthorised parties access, steal, corrupt, or disrupt your business data or systems. 43% of UK businesses experienced a breach in the past 12 months. The average cost of the most disruptive breach is £3,550 — rising to £8,260 where data or money was lost. Immediate steps: isolate affected systems, contact your IT provider, report to Action Fraud, and notify the ICO within 72 hours if personal data was compromised.
Frequently Asked Questions
Phishing remains the leading cause, with 85% of businesses that experienced a breach identifying it as the attack vector (DSIT 2025). Other common causes include compromised credentials, unpatched software vulnerabilities, and misconfigured cloud services. Most breaches exploit basic security gaps rather than sophisticated techniques, which is why foundational controls like MFA and patch management prevent the majority of incidents.
If a breach involves personal data, UK GDPR requires you to notify the ICO within 72 hours of becoming aware of it. You must also inform affected individuals if the breach poses a high risk to their rights. Failure to report can result in fines of up to £17.5 million or 4% of annual turnover. The average cost of the most disruptive breach is £3,550 (DSIT 2025), but regulatory penalties can far exceed the direct incident cost.
A cyber attack is any attempt to compromise your systems — including unsuccessful ones. A cyber breach occurs when an attack succeeds and unauthorised access, data theft, or disruption actually takes place. With 43% of UK businesses experiencing a breach or attack (DSIT 2025), the distinction matters for incident reporting, insurance claims, and regulatory obligations, as breaches involving personal data trigger specific legal duties.
Related Questions
What Is Ransomware?
Ransomware is the most financially damaging type of cyber breach — how it works and how to prevent it.
What Is Phishing?
Phishing is the most common cause of cyber breaches in UK businesses.
Cybersecurity Guide for UK SMEs
The controls that reduce your likelihood of a breach and your recovery time if one occurs.