Many businesses face a complex catalogue of risks including health and safety, data protection, environmental management, and other industry-specific risks. Staying up-to-date on best…
10 Cybersecurity Statistics All Business Owners Should Know
Do you know your Cybersecurity risk?
10 important statistics all business owners should know
Cyber attacks are on the rise, and businesses of all sizes are being targeted more frequently. Cyber criminals are also employing increasingly sophisticated tactics to bypass cybersecurity measures, therefore it is more important than ever for businesses to protect against cyber attacks.
95 percent of cybersecurity breaches are caused by human error.
This could be the unintentional action, or lack of action taken by employees and users that cause, spread or allow a security breach to take place. Data breaches can also be caused by more sinister forces such as malicious employees or sophisticated cybercriminals.
There were over 400,000 reports of fraud and cybercrime in the UK last year.
(Source: NFIB Fraud and Cyber Crime Dashboard)
Cyber crime shows no indication of slowing down, with reports of incidents increasing year on year. This figure does not account for all cyber breaches (for example, those caused by human error without malicious intent) so the total number for all cyber attacks and breaches will be much higher.
In 2021 UK Businesses lost more than £736 million through business cyber crime.
The average cost of a cyber breach can range from thousands up to millions. It is important to understand your business’ risks and the potential losses that could occur from a cyber attack or breach, and invest in adequate cyber insurance to protect your business.
Four in ten businesses (39%) and a quarter of charities (26%) report having experienced cyber security breaches or attacks in the last 12 months.
Sectors that are at increased risk of cyber crime include banking and financial companies, healthcare and hospitality providers, legal firms and small businesses.
In 2021 there were, on average, 270 attacks (unauthorized access of data, applications, services, networks or devices) per company over the year, an increase of 31% compared with 2020.
Cyber criminals are becoming increasingly persistent, and often a business will be subject to a range of different cyber attacks from phishing schemes to password attacks and ransomware.
Only 14% of small businesses consider their cyber attack and risk mitigation ability as highly effective.
Small businesses are particularly vulnerable to attack as many do not have the same cybersecurity budgets as larger companies. Although sophisticated cybersecurity measures are often costly, there are other measures small businesses can take to protect against cyber attacks including; keeping antivirus software and firewalls up to date, using VPNs for encrypted data transfer and remote file access, enforcing secure password policies and multifactor authentication.
83% of small and medium-sized businesses are not financially prepared to recover from a cyber attack.
The financial impact of a cyber attack can be devastating and leave businesses liable for third party costs and reputational damage, in addition to the direct costs incurred by the business following a cyber attack or breach. Small businesses can protect themselves by putting in place a comprehensive cyber and crime insurance policy that will provide financial compensation for both direct costs and any liabilities payable to third parties.
In the past year ransomware attacks have increased by almost 13%, an increase as big as the last 5 years combined!
This year to date around 1 in 5 (21%) businesses identified a more sophisticated method such as malware, denial of service or ransomware attack.
Ransomware is a type of malware (malicious software) which is used to lock systems and devices, making them unusable until a ransom has been paid. Malware attacks may also encrypt or delete important data, resulting in financial losses and long periods of business interruption.
In 2022, phishing attempts were the most common cyber threat. Out of the UK Businesses who identified a Cyber Attack, 83% identified a phishing attempt.
Phishing is a type of social engineering, where criminals impersonate organisations via email, text message, or other means, in order to steal sensitive information or obtain money. Some phishing emails appear very convincing, so training is key to ensure employees know what to look for and where to report any suspected phishing attempts.
How can I protect my business from cyber-attacks?
Cybersecurity and training
Robust cybersecurity is essential to protect your business, and it’s important to invest in some cybersecurity measures regardless of business size or industry. It is also a requirement of cyber insurance cover that the policyholder ensures there is adequate cybersecurity measures in place, otherwise if an incident occurs claims may be voided.
It is also equally as important for your employees to have up to date training to stay ahead of the increasingly sophisticated methods used by cyber criminals. Some cyber insurance policies even offer cybersecurity training, to help reduce the risk of claims caused by human error.
Cyber insurance cover helps your business offset the costs of recovery after a cyber-related security breach, loss of data, a ransomware attack or a similar event.
A comprehensive cyber insurance policy will provide financial compensation for the direct costs incurred to the business and any liabilities payable to third parties following a cyberattack, a data breach or loss of data.
Many policies also offer Cyber Breach Response Support, which is an invaluable resource when dealing with cyber-attacks. These services can include crisis containment, PR and reputation management and independent legal advice.
Some businesses may have cyber cover within a commercial combined policy, but this cover is often less comprehensive than a standalone Cybersecurity policy and may not provide sufficient cover for all the costs associated with a largescale cyber attack or data breach.
To get started with a new cybersecurity policy, or make an enquiry about your existing cover: