According to the latest Hiscox Cyber Readiness Report, more than half of businesses (53%) experienced at least one cyber attack in the past year. This marks a five-point increase from the previous year’s figure of 48%. The report, which gathered insights from over 5,000 organizations across eight countries, reveals that cyber attacks have been on the rise for the fourth consecutive year.
The data also highlights a troubling trend concerning small businesses with fewer than ten employees. Over the last three years, the percentage of such businesses facing cyber attacks has surged from 23% to 36%. Cyber criminals are increasingly targeting these smaller enterprises in an attempt to exploit vulnerabilities in their IT systems. Additionally, the report reveals that small businesses with fewer than 250 employees lack confidence in their ability to handle a cyber attack. Only three in five (61%) of these businesses feel confident in their cyber defenses, compared to 71% of larger organizations.
The report further states that larger companies with 1,000 or more employees have observed a significant increase in cyber attacks. Seven out of ten (70%) of these businesses experienced at least one cyber attack, up from 62% the previous year. This highlights the growing prevalence of cyber threats in the business world.
One in five businesses that fell victim to a cyber attack reported being held to ransom. However, the percentage of businesses willing to pay the ransom dropped slightly from 66% to 63% compared to the previous year. Notably, 46% of large businesses with over 250 employees paid a ransom to safeguard customer data, while 42% of smaller businesses paid to protect confidential company data. It is worth mentioning that fewer companies paid the ransom with the intention of restoring normal operations. Additionally, the median cost of cyber attacks on businesses decreased from $17,000 to just over $16,000. However, despite this marginal reduction in costs, the impact of cyber risk remains significant, with 21% of attacked firms stating that the attacks endangered their business’s viability.
Despite dealing with various risks such as tough market conditions and increased competition, companies identify cyber attacks as the top risk in five out of eight surveyed countries. Business email compromise (BEC) emerges as the leading entry point for hackers, with one-third of companies experiencing payment diversion fraud (PDF) due to cyber attacks.
To combat the rising number of cyber attacks, businesses are proactively increasing their cybersecurity spending. Over the past three years, the median cybersecurity budget has grown by 39% to reach $155,000. Smaller businesses in particular have quadrupled their cybersecurity spending in the last two years, with a median budget of $8,100.
Eddie Lamb, Global Director of Cyber Education and Advisory at Hiscox, emphasized the significance of consistent updates and management of cyber defenses. He acknowledged that while businesses are investing more in cybersecurity, keeping up with innovative tactics used by cyber criminals, such as business email compromise, poses a challenge. Lamb reaffirmed the company’s commitment to assisting clients in staying ahead of cyber criminals through continuous support and guidance.
In 2017, Hiscox launched the CyberClear Academy, a training platform that has already educated nearly 36,000 individuals from 7,000 small and medium-sized businesses. This initiative, offered in collaboration with various partners, enables Hiscox customers to educate their employees on cybersecurity, which plays a crucial role in defense against cybercrime. In 2021, Hiscox introduced the Hiscox Maturity Assessment, a free online tool that allows businesses to assess their security profile and benchmark it against over 16,000 companies.
In conclusion, the Hiscox Cyber Readiness Report highlights the persistent and growing threat of cyber attacks to businesses globally. With attacks on the rise for the fourth consecutive year, organizations of all sizes are facing increasing risks and challenges. While companies are making efforts to bolster their cybersecurity measures and invest more in protection, continued vigilance and regular updates to defenses are crucial to staying ahead of the constantly evolving tactics employed by cyber criminals.