European Businesses Unsure of Damage to Data Caused by Targeted Attacks

31 companies admit they didn’t know if data was stolen following an attack 


London, 26th November 2015 – European businesses are struggling to ascertain if their data has been compromised in the wake of a targeted cyberattack, according to new research from Quocirca and Trend Micro.

Out of 251 companies that had been successfully targeted, 31 admitted that they were not aware if any data had been stolen and six businesses knew of an attack, but did not know how much data had been lost. In the light of the recent large-scale data breaches, this research demonstrates that many European businesses are still unprepared for targeted attacks and how to manage their aftermath.

This lack of knowledge around their own data comes in spite of the fact that targeted attacks are being taken more seriously by European businesses. In 2013 26% of respondents were complacent about these breaches. However, in 2015 this figure has plummeted to just 6%. Almost a quarter of respondents now agree targeted attacks are inevitable, while 26% feel they are a growing concern and 44% feel they are a long term concern. This is huge change in attitude to the online threat in the last two years – though that does not seem to translate into action for many.

It is clear for any European organisation, complacent or otherwise, that they will almost certainly be targeted. Moreover, there is a greater than 1 in 10 chance that this will lead to serious data loss and or/reputational damage. Most companies accept they have been targeted more than once, while 70% of 369 companies admitting the number of attacks are increasing. Less than 5% of respondents said the numbers were decreasing.

Although overall figures for the UK were lower, six British organisations still made it onto the list of the worst 40 reported attacks – including the two of the most serious incidents, both involving costs of more than €1 million, devastating data loss and serious reputational damage. All six organisations had specialist IT security teams, operations centres and/or managed security service providers in place.

“Despite the bleak picture being painted, our research has discovered that various before, during and after measures are proven to be effective against, or respond to, targeted attacks,” said Bob Tarzey, Analyst and Director. “Just having a security function is not enough, effective measures need putting in place, including cyber fire drills, which can be deployed to support reducing reputational damage and overall cost attacks to businesses”.

“Being alive to the potential cost is making European organisations look to prepare for the worst via breach response plans,” commented Rik Ferguson, VP Security Research, Trend Micro. “Deploying these plans helps to reduce the cost and impact of targeted attacks. These plans need to be designed to go way beyond just repairing damage to IT infrastructure. They need to be very thorough and include elements such as proactive communications with data subjects, regulators and the media. Breach response is no longer the preserve of the IT department, but also the board and public relations, among others”.

About the research
The research was carried out in August 2015 by Quocirca and surveyed 600 senior IT decision makers across Europe. Specifically, there were 100 respondents in the UK and 100 respondents from each of the following regions: Spain, Italy, Germany, France and Nordic regions.

About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.

All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.

For more information, visit Or follow our news on Twitter at @TrendMicroUK.