In the past year, 61% of firms suffered a cyber attack, up from 41% in the year before. According to the recently-published 2019 Hiscox Cyber Readiness Report, the median cost for losses associated with cyber incidents has increased dramatically over the last two years: up from $229,000 (£185,000) to $369,000 (£295,000)!
Key findings from the insurer’s report:
- Nearly two-thirds of firms (65%) have experienced cyber-related issues in their supply chain in the past year. Three quarters of technology, media and telecoms (TMT) and transport firms have been hit.
- More firms fail the cyber readiness test as there was a small decline this year in the proportion of firms achieving “expert” scores for their cyber strategy and execution – down from 11% to 10%.
- The mean figure for losses associated with all cyber incidents among firms reporting attacks has risen from $229,000 (£185,000) last year to $369,000 (£295,000) – an increase of 61% – with medium and large firms bearing a disproportionate amount of the cost.
- The above figures are strongly influenced by a sharp rise in the cost of the biggest single incident reported. The mean cost has jumped from $34,000 (£27,000) a year ago to just under $200,000 (£159,000). For large firms, there has been an 18-fold rise to $395,000 (£316,000). The comparable figure for small firms is $9,000 (£7,193), up from $3,000 (£2,397) in 2018.
- The average spend on cyber is now $1.45 million (£1.16bn) and the pace of spending is accelerating. Total spent by the 5,400 firms in the report comes to $7.9 billion (£6.3 bn). Two-thirds of respondents say they plan to increase their spending on cyber by 5% or more in the year ahead.
- While larger firms are still the most likely to suffer a cyber attack, the proportion of small firms (less than 50 employees) reporting one or more incidents is up from 33% to 47%. For medium sized firms with between 50 and 249 employees the proportion has increased significantly: from 36% to 63%.
- More than three out of five firms (61%) reported an attack in the last year – up from 45% the previous year. The frequency of attacks has also increased. Interestingly, among the seven countries surveyed, Belgian firms are the most likely to have been attacked, with US firms being the least likely.
The report is available to download now.