Thales News Release

UK The Most Breached Country In Europe, But Organisations Aren’t Feeling The Threat

May 29, 2018

37 per cent of businesses reported cyber-attacks in the last year, but IT security spend remains low compared to EU counterparts

Thales, a leader in critical information systems, cybersecurity and data security, announces the results of its 2018 Thales Data Threat Report, European Edition, revealing the UK as Europe’s most breached country of last year.

However, despite a 24 per cent increase in the number of attacks – figures rose from 43 per cent to 67 per cent year on year – British businesses claimed to feel less vulnerable to data threats, compared to those across Germany, Sweden and the Netherlands.

Last year in numbers

Last year saw a number of extremely high-profile cyber-attacks hit Europe, with ransomware cryptoworm, WannaCry and wider-reaching malware, Bad Rabbit, crippling thousands of systems including the UK’s National Health Service (NHS). Large-scale names such as Equifax, Accenture and T-Mobile also became victims of cyber-crime, putting both their data and reputations at risk.

  • While more organisations across Sweden (78 per cent) and the Netherlands (74 per cent) admitted to being breached in the past – as opposed to 67 per cent in the UK – the last 12 months was a different story.
  • 37 per cent of businesses across the UK were breached
  • 33 per cent of German respondents were breached
  • 30 per cent of organisations in Sweden were breached
  • 27 per cent of respondents across the Netherlands were breached

Appearing unaffected by the rise in attacks, just 31 per cent of UK organisations said they feel ‘very’ or ‘extremely’ vulnerable to data threats, leaving the majority (69 per cent) feeling ‘somewhat’ or ‘not at all’ vulnerable Businesses across Sweden claimed to feel the most vulnerable (49 per cent), followed by the Netherlands (47 per cent) and Germany (36 per cent).

Mapping the spend trend

Despite 7 in 10 respondents (69 percent) feeling just ‘somewhat’ or not at all vulnerable to cyber-attacks, the same ratio of UK organisations reported an overall increase in their IT security spending, with 15 per cent outlining it to be ‘much higher’ than last year. This rise was, however, still less than spend in both Sweden (in which three quarters of businesses have upped their budgets to offset threats) and Germany (76 per cent).

While 72 per cent of organisations overall have dedicated more money to IT security, British businesses appeared to still fall short compared with their European counterparts. Almost two in every five (39 per cent) Swedish respondents admitted their budget was ‘much higher’ than last year, while an additional 36 per cent claimed it to be ‘somewhat higher’. The Netherlands and France both followed suit, with 29 per cent and 24 per cent spending a lot more this year on security.

A dip in compliance

The timeframe from announcement to implementation for the European General Data Protection Regulation (GDPR) gave organisations plenty of time to prepare themselves for compliance. However, the report results tell a different story, with high rates of failure for compliance audits, especially in the last year.

Businesses in Sweden ranked highest for failure, with almost half (49 per cent) missing the mark for compliance audits. Those across the Netherlands were next in line at 38 per cent, closely followed by Germany at 33 per cent. On the other hand, 19 per cent of UK organisations reported failing data security audits in the last year.

Aside from the UK, all other European countries showed decline in their efforts to meet compliance, a worrying set of results with so many changes to standards and regulations. Despite this drop, respondents across the board all cited compliance as being effective when it comes to preventing data breaches.

Peter Galvin, Chief Strategy Officer, Thales says:

“A tidal wave of data breaches is continuing to roll across Europe, with three in every four organisations now a victim of cyber-crime. As a result, people are feeling more vulnerable than ever before, worried about where the next threat will come from, and in what form. To stand the best chance of success against these advanced attacks, businesses need to dedicate the appropriate level of attention, budget and resource into safeguarding their sensitive data, wherever it happens to be created, shared or stored. The deployment of encryption is a well-recognized strategy to mitigate the risk of data breaches and cyber-attacks as well as protect an organisation’s brand, reputation and credibility”

Download your copy of the 2018 Thales Data Threat Report – European edition.


The Thales 2018 European Data Threat Report is based on data from 400 senior security managers across Germany, UK, the Netherlands and Sweden – all part of the Thales 2018 Global Data Threat Report, that polled 1,200 security managers across eleven countries, and four major vertical markets.