Cutting corners with security

1 min read

According to a report from insurers, Hiscox, the proportion of UK firms reporting a cyber-attack has jumped, with most businesses admitting they are under-prepared for breaches.

The insurer found 55% had faced an attack in 2019, up from 40% last year and almost three quarters of firms were described as "novices" in terms of cyber readiness.

Too many businesses continue to underplay the risks associated with cyber attacks and Hiscox said that a lot of businesses "incorrectly felt that they weren't at risk".

The firm surveyed more than 5,400 small, medium and large businesses across seven countries, including the UK, Germany, the US, Belgium, France, the Netherlands and Spain and found that there had been a "sharp increase" in the number of cyber-attacks this year, with more than 60% of firms having reported one or more attacks - up from 45% in 2018.

Average losses from breaches have gone up 61% to reach $369,000, while the number of firms scoring top marks on cyber security has fallen, with UK organisations doing particularly badly.

So why are UK firms fairing so badly? It seems that British firms have the lowest cyber security budgets, spending a third less than the survey average at under $1m. They also don’t have a "defined role for cyber security" in their companies.

According to Gareth Wharton, head of Cyber at Hiscox, the UK’s low spending could be because of the large number of small businesses operating in Britain, even so, this lack of preparedness is surely a worry.

Hiscox did find that the average cost of an attack in the UK was lower than the average at $243,000, and compared with $906,000 in Germany and $486,000 in Belgium.

These findings suggest that there needs to be a concerted effort to better educate companies about both personal and professional levels of cyber security.

And while awareness is growing of the impact increasingly sophisticated hackers can have on a business, surely companies shouldn’t be looking to cut financial corners when it comes to their data and cyber security protection.