Cyberattacks are no longer something that only affects a few unlucky firms. Insurer Hiscox published its annual Cyber Readiness Report in April 2019, and this showed that 55% of all UK firms and 61% of firms globally have experienced some form of cyber breach within the last 12 months. These figures represent a significant increase on the equivalent figures for 2018, which showed that 40% of UK firms and 45% of firms worldwide had been attacked.
Criminals are more likely to target larger firms, with the 2019 report data showing that 70% of firms with more than 250 employees have been attacked in the last 12 months, and when we look only at firms with more than 1,000 employees, this increases to 74%.
However, smaller firms cannot afford to neglect this issue, as here the proportion of firms being attacked is rising sharply. In the 2018 report, 33% of small firms had been targeted, but this has now risen to 47%, and amongst medium sized firms (those with between 50 and 249 employees) it has risen from 36% to 63%.
Globally, the average financial loss from each cyberattack was £285,096 in the 2019 report, up by more than a quarter from the £229,000 figure reported last year. In the UK, the average loss has increased sharply from £103,000 to £180,000 in the last 12 months. Despite this, UK firms are spending considerably less than their foreign counterparts on cyberattack preparations.
On a more positive note, 39% of all firms said they had committed money to staff training on this issue, up from 34% in last year’s report. However, whilst 80% of UK firms were able to demonstrate a commitment to cybersecurity, the report says that 72% of these firms are “vastly unprepared” should a cyber incident occur. Only 10% of firms earned the ‘expert’ standard when Hiscox assessed the provisions they had in place.
Hiscox obtained its figures by surveying some 5,400 firms in seven countries: the US, UK, Belgium, France, Germany, Spain and the Netherlands.
Gareth Wharton, Hiscox’s Cyber CEO, commented:
“This is the third Hiscox Cyber Readiness Report and, for the first time, a significant majority of firms report one or more cyberattacks in the past 12 months.
“Where hackers formerly focused on larger companies, small and medium-sized firms now look equally vulnerable. The cyber threat has become the unavoidable cost of doing business today.
“The one positive is that we see more firms taking a structured approach to the problem, with a defined role for managing cyber strategy and an increased readiness to transfer the risk to an insurer by way of a standalone cyber insurance.”
The information shown in this article was correct at the time of publication. Articles are not routinely reviewed and as such are not updated. Please be aware the facts, circumstances or legal position may change after publication of the article