More than three in five firms across the US and six European countries reported one or more cyberattacks in the past 12 months, but the proportion achieving top scores for their cyber security readiness was marginally lower year-on-year according to insurer Hiscox.
The group’s latest survey includes responses from more than 5,400 small, medium, and large businesses across the US and the UK, Germany, Belgium, France, the Netherlands, and Spain.
Hiscox reports that 55% of the UK companies participating in the survey reported a cyberattack over the period, up from 40% in the previous 12 months. Average losses from cyberattacks increased by 61%, from US$229,000 (£176,000) previously to US$369,000 (£284,000). German firms suffered the greatest number of attacks, one reporting that the cumulative cost to it had been $48 million.
Low defence budget
The Hiscox Cyber Readiness Report 2019 found that only 10% of the private and public sector organisations in the seven countries surveyed achieved high enough marks in cyber security strategy and execution to qualify as cyber security experts.
Although larger firms are still the most likely to suffer a cyberattack, the proportion of small firms with less than 50 employees reporting an incident jumped from 33% to 47%.
“Where hackers formerly focused on larger companies, small and medium-sized firms now look equally vulnerable,” said Gareth Wharton, cyber CEO at Hiscox. “Cyber threat has become the unavoidable cost of doing business today,”
Of the seven countries surveyed, UK firms had the smallest budgets available to instigate measures against cyberattacks. On average, companies from the other six countries allocated an annual budget of $1.46 million to enhancing their cyber security, while the figure for UK firms was less than $900,000.
The report notes that UK firms also fared particularly badly when it came to assessing companies’ readiness to prepare against attacks.
“They may feel like they won’t be targeted, as we tend to only read about large breaches in the press,” said Wharton. “If they incorrectly feel that they won’t be targeted, they may be less likely to spend on cyber security.”
Although the report’s findings are generally gloomy, Wharton added: “The one positive is that we see more firms taking a structured approach to the problem, with a defined role for managing cyber strategy and an increased readiness to transfer the risk to an insurer by way of a standalone cyber insurance policy.”
The findings support warnings from the World Economic Forum (WEF) that cyber security has become one of the biggest issues for the global economy. It recently reported that “economic loss due to cybercrime is predicted to reach $3 trillion by 2020.” The WEF added that “74% of the world’s businesses can expect to be hacked in the coming year.”
Cyber attackers could target world’s financial markets - report
SWIFT & BAE Systems cyber threats report shows risky future for securities markets and trade finance
Cyber risks rise dramatically as companies embrace new tech
Digital transformation brings risk, exposing companies to higher and more costly cyber risks, according to a report by ESI ThoughtLab
Cyberattacks triple in financial services sector in past 5 years
Cybercrime has a greater impact on financial services than on any other industry, with greater costs and a higher attack rate, according to research by Accenture and the Ponemon Institute
Cybersecurity is all about trust, but who do you trust?
Remove TRUST GAPS between board & company & business units & IT cybersecurity & external vendors/suppliers & government AND with technology providers
Cybersecurity is Achilles heel of Asian corporates
Nearly half of all Asia Pacific corporates have experienced a cybersecurity threat in the past year but only 15 per cent are certain no breach has occurred