An increase in attacks should equate to a rise in organizational cyber-preparedness. But according to new research from U.K. cyber insurer Hiscox, organizations simply aren’t ready.
Each year, Hiscox puts out an annual Cyber Readiness Report. This year’s report is chock full of valuable high-level data around organizational preparedness when it comes to cyber incidents. One of the common themes is the fact that organizations across the spectrum size, geo, and industry are seeing rises in cyber attack. And yet, they still aren’t ready for the next one.
According to the report:
- The percentage of organizations experiencing a cyber incident rose from 45% in 2018 to 61% in 2019
- The cost of cyber incidents also rose by 61% into 2019
- The average cost of the most significant cyber incident an organization experienced in the last year jumped nearly a whopping 6 times from $34K in 2018 to just under $200K in 2019
These undeniably massive jumps in attacks and associated costs should certainly warrant organizations betting themselves ready for the next attack. And yet, according to the report, a whopping 74% of organizations consider themselves “novices” when it comes to cyber security. Only 10% ranked themselves as experts, demonstrating that organizations are likely more reliant on security solutions than on having in-house expertise.
One last increase mentioned in this report is the making of Security Awareness Training a priority for cybersecurity budget spend. With 39% (up 15% from last year) of organizations planning on spending budget on improving their user’s understanding of attacks and the user’s role in stopping them, this added security layer will help to improve an organization's security stance, while helping to create a culture of security.