Newly published research on cyber resilience amongst UK busineses by Howden, an insurance group, shows that half (52%) have suffered at least one cyber attack in the last five years, totalling £44 billion of lost revenue.
Businesses who have an annual revenue of over £100m were the most targeted group, with 74% of those surveyed having suffered a cyber attack over the past five years. However, threat levels are elevated across all businesses, with half (49%) of SMEs with a revenue of £2m to £50m also experiencing a cyber attack over the same period.
The most common causes of cyber-attacks were compromised emails (20%) and data theft (18%), with the average cost of these attacks equating to £2.1m and £2m respectively.
In spite of the growing threat posed by cyber-attacks, take up of even the most basic cybersecurity measures remains low, highlighting a critical cybersecurity knowledge gap within UK businesses. Currently, 61% of businesses are actively using antivirus software and only 55% are employing network firewalls. Organisations cite a number of obstacles to improving their cyber security, including cost (26%), insufficient knowledge (26%) and lack of internal IT resource (22%).
However, by implementing cyber security basics, Howden estimates that UK businesses could reduce cyber-attack costs by up to 75% (a total of £30bn from 2019-24), with the introduction of these measures saving the average UK business £3.5m over ten years, equating to a return on investment of 25%.
In aid of greater take up, UK businesses say that new policy measures such as tax relief on cyber investment (33%) will be the most effective way of improving cyber resilience within businesses, followed by free access to cyber expertise and resources (32%), compulsory minimum cyber standards (31%) and compulsory cyber insurance (26%).
The insurance industry must therefore work alongside the government to raise awareness of the growing severity and frequency of cyber-attacks and the return on investment that can be achieved with the implementation of cyber security measures. In addition, the insurance industry has a vital role to play in boosting resilience by advising businesses on security and offering incident response services.
“Cybercrime is on the rise, with malicious actors continuing to take advantage of cybersecurity vulnerabilities, particularly as firms become ever more reliant on technology for their operations. UK businesses are currently losing a significant amount of revenue to cyber-attacks, and the insurance industry is crucial to strengthening resilience and raising awareness of the security measures needed to help businesses protect their operations,” commented Sarah Neild, Head of UK Cyber Retail, Howden.
“Engagement with SMEs will be particularly important. This segment has been historically underserved by the cyber insurance market yet forms an important backbone of economic activity, both in terms of its size but also as an engine of growth. Through increased insurance penetration and education about implementation, we can help businesses improve their cyber resilience and protect against loss of revenue from these attacks,” Neild concluded.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.