About 75% of organisations have experienced a serious cyberattack in the past three years -- up from 60% last year -- according to the 2022 Cyber Security Insights Report conducted by S-RM, a global intelligence and cybersecurity consultancy.

The report, using information from 600 C-suite and IT budget holders from organisations with more than $500 million in revenue, also found that US businesses were slightly more likely to experience a serious cyberattack (77%) than those in the UK (73%), although both markets saw an increase in attacks.

"This is a growing problem and one with serious ramifications for affected organisations," S-RM board director Jamie Smith said.

The attacks averaged almost $3.4 million in damage, with a reported average direct loss from a serious cyber incident of $1.5 million -- which doesn’t take into account the long-term fallout of further financial losses.

"Often businesses will focus on the direct financial impact of a cyber incident, but the indirect impact can be even higher and far more difficult for them to accurately quantify," Smith said.