Question to the Department for Digital, Culture, Media & Sport:

To ask the Secretary of State for Digital, Culture, Media and Sport, what proportion of (a) small businesses, (b) large corporations and (c) Government departments and agencies reported breaches of cyber security in each of the last five years.

In 2020, 43% of micro businesses, 62% of small businesses and 75% of large businesses had identified cyber security breaches or attacks in the last 12 months. Figures for the last 4 years are taken from the Cyber Security Breaches Survey.

The survey aims to account for all the types of breaches or attacks that organisations might face including accidental breaches, as well intentional and recorded cyber attacks that did not get past an organisation’s defences. This only measures the breaches or attacks that organisations have themselves identified so the figures reported may underestimate the full extent of the problem.

The total number of cyber incidents affecting central government departments is not held centrally. However, since its creation in 2016 the National Cyber Security Centre (NCSC) has continued to provide assistance to central government departments and agencies to secure their networks and develop their departmental security strategies. This includes the deployment of the NCSC’s Host-Based Capability tool to over 35,000 government devices in the past year, which helps to collect and analyse technical metadata to help government departments understand the threat they face, and ongoing engagement with government departments and agencies as part of the Active Cyber Defence service.