Insurance provider Hiscox has published its fifth annual cyber readiness report, which has some eye-opening statistics.
Over the last five years, the percentage of companies that have been attacked has bounced around from 43% to a high of 61%, making it the most common threat for UK businesses.
Company size does not matter, as even companies with annual profits of $100,000 to $500,000 are experiencing as many cyber attacks as those that earn $1m to $9m – making cyber threat prevention all the more important.
As is to be expected, the COVID-19 pandemic has only made the situation worse, with 36% of businesses citing remote working as a risk factor. The reports show that ransomware incidents have increased from 17% to 19%, often spread through phishing emails and malware. The Financial Services and TMT (Technology, Media, and Telecom) industries have been in the top spots for reporting at least one cyber attack for the last three years, with Energy also appearing in the top three for the last two years.
An interesting part of the report is what organisations invested in after a cyber attack. Around two out of five experts said they had put additional cybersecurity and audit requirements in place (41%), stepped-up employee training (39%) and improved preparations for cyber attacks (39%).
It is clear that phishing emails are a major cause of security incidents, and many organisations are investing in new-school security awareness training after the fact. But why not take a proactive approach and focus on building a strong cybersecurity culture from the start? Doing so can help lessen the chances of a successful attack and save you from costly incidents down the line.
The full Hiscox report can be read here.