Despite soaring cyber losses over the past year, there has been no marked improvement in corporate defences against this risk, according to a report commissioned by Hiscox. Its study of 5,400 organisations found a sharp increase in the number and cost of cyber attacks across the seven countries studied.

The Cyber Readiness Report 2019 shows that 61% of firms report having endured at least one attack in the past year, up from 45% in the previous year. The frequency of attacks also increased, with Belgian firms bearing the brunt.

Average losses meanwhile rose from £180,000 last year to £291,000 – an increase of 61%. For large firms with between 250 and 999 employees cyber related losses now top £551,000 on average compared with £128,000 a year ago. German firms suffered the greatest losses, with one reporting a cost for all incidents of £38m.

Almost 65% have experienced cyber related issues in their supply chain in the past year, with technology, media and telecoms and transport firms the most affected. Over half of respondents evaluate the security of their supply chains at least once a quarter or on an ad hoc basis.

The number achieving top scores for their cyber security readiness is down y-o-y. Using a quantitative model to assess firms for their readiness, only 10% achieved ‘expert’ status this year, slightly down from 11% in 2018. Meanwhile 74% ranked as unprepared ‘novices’. There was a sharp drop in the number of larger US and German firms achieving ‘expert’ scores. US, German and Belgian firms score highest on the cyber readiness model, while more 81% of French firms are in the ‘novice’ category.

In better news, the number of firms with no defined role for cyber security has halved in the past year – from 32% to 16%. The figure for UK firms is an impressive 80%. The GDPR is likely to have had something to do with this. And when it comes to insurance, 41% say they have taken out cyber cover in the past year, up from 33% in 2018; a further 30% plan to take out cover in the year ahead. In total, over half of larger firms now have cover; and 27% of small firms.

CEO of Hiscox Cyber, Gareth Wharton said it is no longer just larger companies that are at risk. “Small and medium-sized firms now look equally vulnerable,” he explained. “The cyber threat has become the unavoidable cost of doing business today. The one positive is that we see more firms taking a structured approach to the problem, with a defined role for managing cyber strategy and an increased readiness to transfer the risk to an insurer by way of a standalone cyber insurance policy.”

Hiscox’s Cyber Readiness Report 2019 surveyed a representative sample of private and public sector organisations in the US, UK, Belgium, France, Germany, Spain and the Netherlands.

Share Story: