Hiscox cyber breaches survey: 55% of British firms ‘report cyber-attacks in 2019’

In today’s cyber-threat landscape, spotting malicious threats requires advanced security controls and high-level visibility. Organisations who successfully protect their data are those who invest in solutions which offer cyber threat intelligence and surveillance capabilities. To safeguard business critical data, you must have a layered approach to protecting it. This should involve having security controls at each potential entry point to your internal systems. Unfortunately, there are still many organisations who fail to implement the necessary security measures to keep their data safe from cyber criminals.

A recent survey conducted by the leading cyber insurer Hiscox discovered a sharp rise in cyber-attacks worldwide. 5,400 small, medium and large firms in the UK, US, Belgium, France, Spain, Germany and the Netherlands were involved. The aim was to evaluate the effectiveness of their cyber security processes and controls.

Shockingly, the results of the survey show a huge surge in UK firms reporting cyber-attacks in 2019. The insurer found that 55% of UK companies have suffered a cyber breach this year. A huge proportion of businesses also admitted that they are ill prepared for cyber-attacks. Please see below for a more detailed summary of the survey’s findings.

• While three out of five firms (61%) have reported one or more attacks in the past year (up from 45% from 2018) the proportion of these achieving top cyber security readiness is decreasing year-on-year.
• This year shows an increase in the number of small and medium-sized firms attacked. Although larger firms are still the most likely to suffer a cyber-attack, the proportion of small firms reporting an incident is up from 33% to 47%. Even more worryingly, the proportion for medium sized businesses has leapt from 36% to 63%.
• UK companies have the lowest cyber security budgets out of all the counties. The average was £692,005 in comparison to £1.12m spent by other countries.
• This year there has been an increase in firms failing the cyber readiness test. The results showed that only one in ten (10%) achieved ‘expert’ status compared to 11% in 2018. The most notable finding is that 74% ranked as unprepared security ‘novices’.
• Companies who were targeted by cyber criminals reported a sharp rise in the cost of a security breach in the past year. The cost jumped from £27,000 to £155,000.
• 65% of firms reported to have suffered supply chain cyber incidents in the past year. The industries worst affected are media, technology, telecoms and transport firms. Consequently, 54% of firms now evaluate the security of their supply chains regularly.
• If you would like to read the full report you can do so here

It is never too late to take important steps to reduce cyber risk for your organisation. Although the results of this survey are a little frightening, you should not be disheartened! Cyber security is not tick box exercise, it is an ongoing process which should be regularly reviewed and altered to keep up with the rapidly changing threat landscape.

Clearly the dramatic increase in cyber-breaches alongside the ever-growing talent shortage, is putting many businesses in difficult to defend positions. According to the Cisco Annual Security Report only 53% of companies believe “they have a good system for verifying that security incidents have actually occurred.”

To protect your business-critical assets, you must have layers of security controls which can automatically detect, contain and block malicious threats. The Cisco Security portfolio has in-depth threat hunting capabilities which allows you to focus on your top business priorities. For those businesses who do not have the in-house cyber security expertise to implement and manage these technologies, it is important to engage with Cyber Security specialists. If you would like to chat with a Cyber Security expert about how we can help you improve your security posture you can call us on 0121 663 0055.