The number of organizations in Europe and the US that have been hit by a cyber-attack over the past year has soared to over three-fifths (61%), according to a new report from Hiscox.
The global insurer today released the results of its Hiscox Cyber Readiness Report 2019, which is compiled from interviews with over 5300 cybersecurity professionals in the US, UK, Belgium, France, Germany, Spain and the Netherlands.
It revealed a sharp increase in the number of firms suffering an attack, up from 45% in the 2018 report. In the UK, the figure rose from 40% to 55%.
There was also a rise in the number of small (from 33% to 47%) and medium-sized businesses (36% to 63%) reporting an attack, across the US and Europe.
Two-thirds of firms (65%) on average claimed to have been hit by supply chain cyber incidents.
Average losses were also up by 61%: from $229,000 last year to $369,000 this, a figure exceeding $700,000 for large firms versus just $162,000 in 2018.
Although cybersecurity spending went up by 24% over the past year to reach $1.45m, only 10% of responding organizations were classed as “experts” in terms of their cyber-readiness, with nearly three-quarters (74%) described as unprepared “novices.” Disappointingly, there was a sizeable drop in the number of large US and German firms achieving “expert” scores.
Hiscox cyber CEO, Gareth Wharton, argued that cyber-attacks have become “the unavoidable cost of doing business today.”
‘This is the third Hiscox Cyber Readiness Report and, for the first time, a significant majority of firms report one or more cyber-attacks in the past 12 months. Where hackers formerly focused on larger companies, small and medium-sized firms now look equally vulnerable,” he explained.
“The one positive is that we see more firms taking a structured approach to the problem, with a defined role for managing cyber strategy and an increased readiness to transfer the risk to an insurer by way of a standalone cyber-insurance policy.”