Howden: How Cyber Attacks cost UK Companies $55bn in 5 Years

Share
The UK must urgently rethink its approach to cyber resilience
Insurer Howden have released a report that shows the vulnerabilities that have lead to UK companies losing US$55bn in five years due to cyber attacks

Across the globe, the West is grappling with an unprecedented wave of cyber-attacks, targeting everything from private businesses to critical infrastructure. 

These attacks are becoming more sophisticated and more frequent, with both state-sponsored actors and cybercriminal groups intensifying their efforts. 

While no country is immune, the scale and nature of these cyber incidents are not being distributed equitably. 

The UK, in particular, is facing the brunt of this digital onslaught, with recent findings from insurer Howden highlighting how they have lost a staggering £44bn (US$55bn) in revenue over the past five years due to cyber-attacks. 

A system under siege

According to Howden, UK businesses are losing an average of 1.9% of their revenue to cyber-attacks. 

For larger companies, the situation is even more dire, with those making over £100m (US$126m) in revenue being more likely to fall victim to a cyber breach. 

This level of financial impact is unsustainable for most organisations, particularly in a climate where businesses are already facing pressure from economic uncertainty. 

The losses in revenue due to cyber-attacks are not only a reflection of the scale of the threat but also point to broader systemic issues in the UK's approach to cybersecurity.

"The state of cybersecurity in UK businesses is facing significant challenges."  

Mark Coates, VP EMEA at Gigamon

The frequency of these breaches is also alarming: more than half (52%) of private sector firms reported at least one cyber-attack in the last five years. 

This paints a picture of a nation ill-prepared to weather the growing storm of cyber threats. 

The impact is compounded by the fact that many businesses are not adequately prepared to combat these attacks. 

Less than two-thirds (61%) of businesses in the UK use anti-virus software, and even fewer (55%) have network firewalls in place. 

This is in stark contrast to the growing sophistication of cybercriminals, who are exploiting these gaps with alarming success.

One of the most concerning findings is the rise in ransomware attacks, which have become increasingly destructive. In 2023, global ransomware attacks surged by 85%, with ransomware revenue exceeding US$1bn for the first time. 

These attacks often go beyond financial extortion to include the theft of sensitive personal information or commercial data, making them more difficult to mitigate. 

Geopolitics and cybersecurity 

The geopolitical landscape is also playing a crucial role in shaping the cyber environment. 

Howden’s report highlights that 90% of cyber-attacks recorded between April 2023 and March 2024 were politically motivated, underscoring the growing intersection between cybercrime and global politics

Hostile governments, according to the report, are increasingly shielding criminal actors operating within their borders, allowing them to attack Western companies and infrastructure with near impunity. 

This is particularly evident when examining the rise of cyber espionage as a service. As geopolitical rivalries intensify, the demand for cyber tools and services to carry out espionage has skyrocketed.

Youtube Placeholder

This growing market has led to the proliferation of cyber-criminal groups offering their expertise to the highest bidder, further complicating the landscape for businesses in the UK and beyond.

Equally, the emergence of Gen AI technology, while offering new possibilities for cybersecurity defence, is another double-edged sword being used in this geopolitical game.

 As businesses adopt these tools at a rapid pace, they are simultaneously being outpaced by the technology's use by threat actors.  

The speed at which malicious actors are harnessing the power of AI to carry out more sophisticated attacks is a significant concern.

Reforming the country’s cybersecurity

Despite a recognition of the country’s wanting cyber posture, the current state of the UK's cybersecurity posture is concerning. 

"The state of cybersecurity in UK businesses is facing significant challenges," Mark Coates, VP EMEA at Gigamon. "Most UK businesses are severely under prepared to effectively handle the rise in cyberattacks.”

Mark Coates, VP EMEA at Gigamon

One of the biggest issues is that many UK businesses continue to rely on outdated and insufficient cybersecurity measures.

The fact that over 40% of companies are not using essential tools like anti-virus software and firewalls is a clear indication that the nation is not prepared to defend itself adequately against the increasingly sophisticated tactics used by cybercriminals. 

The UK needs a far more robust approach to cybersecurity, one that involves stronger public-private partnerships, better education on digital threats, and more comprehensive government policies to protect critical infrastructure.

"Firstly, addressing the problem of legacy technology is crucial; modernising and securing outdated systems will help mitigate vulnerabilities and enhance resilience against sophisticated cyber threats," says Mark.

"Secondly, organisations must address the most common entry point to CNI's which are their extended supply-chains. When selecting suppliers and vetting third parties, it's important to assess not just the quality and price of services offered, but also the IT maturity of the supplier."

With the scale and complexity of cyber-attacks showing no signs of abating, the UK must urgently rethink its approach to cyber resilience. The cost of inaction is simply too high, both in terms of financial losses and national security risks.


Explore the latest edition of Cyber Magazine  and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today. 


Cyber Magazine is a BizClik brand

Share

Featured Articles

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

AI cybersecurity firm Darktrace reveals increase in brand impersonation attacks targeting retailers, with holiday-themed phishing attacks rising 327%

KnowBe4 Launches AI Agents to Counter Phishing Threats

AI Defense Agents aim to measure and reduce human cyber risk as AI-powered attacks increase, with new tools for automated training and threat simulation

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security

SAVE THE DATE – Cyber LIVE London 2025

Cyber Security

AWS Targets Cloud Security with Incident Response Platform

Cloud Security