Cyber Security Breaches Survey 2019

Thanks for agreeing to take part in this important Government survey. Below are some of the questions the Ipsos MORI interviewer will ask over the phone. Other participants have told us it is helpful to see these questions in advance, so they can talk to relevant colleagues and get the answers ready before the call.

  • This helps make the interview shorter and easier for you
  • These answers are totally confidential and anonymous for all individuals and organisations
  • We will get your answers when we call you. You do not need to send them to us

In your last financial year just gone, approximately how much, if anything, did you invest in cyber security?

This is spending on any activities or projects to prevent or identify cyber security breaches or attacks (software, hardware, staff salaries, outsourcing, training costs etc). Please exclude any spending on repair or recovery from breaches or attacks.

To make it easiest for you, you only need to answer in one of the following ways:


  • As a number in £s
  • Or as a % of turnover or income
  • Or as a % of total IT expenditure

When it comes to cyber security insurance, which of the following best describes your situation?


  1. We have a specific cyber security insurance policy
  2. We do not currently have a specific cyber security insurance policy, but have previously considered it
  3. We do not currently have a specific cyber security insurance policy and have not previously considered it

Have you ever made any insurance claims for cyber security breaches under this insurance before?


Yes / No

In the last 12 months, approximately how much, if anything, do you think cyber security breaches or attacks have cost your organisation in total financially?

This might include any of the following costs:

  • Staff stopped from carrying out day-to-day work
  • Loss of revenue or share value
  • Extra staff time to deal with the breach or attack, or to inform stakeholders
  • Any other repair or recovery costs
  • New measures needed to prevent or protect against future breaches or attacks
  • Lost or stolen assets
  • Fines from regulators or authorities, or associated legal costs
  • Reputational damage
  • Prevented provision of goods or services to customers
  • Discouragement from carrying out future business activities
  • Goodwill compensation or discounts given to customers


£ in last 12 months

Print this page (PDF)