Failed action plan for UK cybersecurity

According to zdnet.com, 2/3 of largest UK business suffered a breach within the last 12 months and 1/4 of them suffer a breach 1/month.  And  51% of medium firms also suffered cyber attacks, 33% small firms and 17% for micro firms. These number are even more staggering when factoring in just breaches that were reported.  The cause of the cyber breach is reported to be virus, malware and spyware.
By the numbers...
Of the over 13,000 businesses surveyed, a few key breakdowns

• Manufacturing totaled 687: Small/Micro 150 | Medium 313 |Large 224
• Retail/Wholesale/Vehicle Repair totaled 657: Small/Micro 324 | Medium 192 | Large 141
• Finance or insurance totaled 1315: Small/Micro 718 | Medium 277 | Large 320
• Health or social care totaled 432: Small/Micro 113 | Medium 248 | Large 71

Summary Results:

• 69% of business claim cyber security is a high priority for senior managers but only 51% have taken recommended action plans to identify and 29 have formal written cyber security policies
• 65% of firms detected cyber breach within the past year due to 68% being virus/malware/spyware and 32% impersonation of the organization
• $3.4 Million was the most costly breach identified…average for large firms was $41,600
• 51% have taken 5 or more Government’s 10 steps to Cyber Security, of which 28% include technical measures
• 13% have cyber security standards for their suppliers (25% medium and 24% large firms)

Source: Cyber Security Breaches Survey 2016