More than half of British firms 'report cyberattacks in 2019'

The proportion of UK firms reporting a cyber-attack has jumped, despite most businesses admitting they are under-prepared for breaches, according to research from Hiscox reported by the BBC. The insurer found 55% had faced an attack in 2019, up from 40% last year.


But almost three-quarters of firms were ranked as "novices" in terms of cyber-readiness.


Hiscox said a lot of businesses "incorrectly felt that they weren't at risk".


The firm surveyed more than 5,400 small, medium and large businesses across seven countries, including the UK, Germany, the US, Belgium, France, the Netherlands and Spain.


It said there had been a "sharp increase" in the number of cyberattacks this year, with more than 60 per cent of firms having reported one or more attacks - up from 45 per cent in 2018.


Average losses from breaches also soared from $229,000 (£176,000) to $369,000, an increase of 61 per cent.


Despite this, the insurer said the percentage of firms scoring top marks on cybersecurity had fallen, with UK organisations doing particularly badly.


British firms had the lowest cybersecurity budgets, it said, spending less than $900,000 on average compared with $1.46m across the group.


They were also joint-least likely with US firms to have a "defined role for cybersecurity" on their staff. In France, the proportion was closer to one in ten.


Gareth Wharton, head of Cyber at Hiscox, said the low UK spending could be driven by the large number of small businesses in Britain.


"They may feel like they won't be targeted, as we tend to only read about large breaches in the press. If they incorrectly feel that they won't be targeted, they may be less likely to spend on cybersecurity."


However, Hiscox also found the average cost of an attack in the UK was lower than average at $243,000, compared with $906,000 in Germany and $486,000 in Belgium.


New regulation has also prompted action, with eight in ten UK firms saying they had made changes since the introduction of tough new EU data protection rules last year.

more news

BA, Marriott Face Massive Fines For Data Loss


If proof was needed that poor data protection is bad for the corporate wallet, two examples have demonstrated that substantial fines face those organisations that have lax data security.

read more

Cumbria First Police Force To Utilise NMC Tools


Cumbria Constabulary has become the first police force to use the National Management Centre (NMC) for cybersecurity set up under the National Police Chiefs’ Council (NPCC).

read more

Phishing Attacks Bypassing 2-Factor Authentication


Penetration testers and attackers have a new tool in their arsenal that can be used to automate phishing attacks in a way that defeats two-factor authentication (2FA) and is not easy to detect and block, reports CSO Magazine.

read more

Third of Breaches Caused By Unpatched Vulnerabilities


IT security professionals have admitted that a third of cybersecurity breaches are the result of vulnerabilities that they should have patched.

read more