Cybersecurity spending on the rise as attacks surge

Share
A new report compiled by insurance firm Hiscox reveals the state of cyber preparedness in the UK and beyond

Since the start of the pandemic and the rise of people working from home, cybercriminals have had to adapt to their new environment, and are using weaknesses in people’s security to launch more attacks.

The latest data released in the Hiscox Cyber Readiness Report shows 43% of companies report having been targeted with over a quarter experiencing five assaults or more. One in six businesses attacked (17%) also reveal how the financial impact has threatened the company’s future.

The report underlines the scale of the cyber challenge, but it also offers good news. Despite the difficulties presented by the Covid-19 pandemic, firms have intensified their fightback by devoting more resources and focus than ever to cyber resilience. It found organisations are upping their defences against cybercrime, with cybersecurity taking up 21% of the average organisation’s IT budget. This is a large jump from the 13% which was used for the same spend last year.

A wide range of attacks

The proportion of respondents reporting attacks jumped from 38% in 2020 to 43%. The hackers’ favourite targets were the technology, media and telecoms (TMT), financial services and energy sectors. The percentage of firms affected in these sectors was typically up from the low-to-mid-40s in the 2020 study to the mid-50s. 

When asked to name the first point of entry for the hackers, 37% of respondents mentioned their corporate-owned servers. Cloud-based servers came second (mentioned by 31%), followed by company websites (29%) and employee errors such as phishing or spoofing (28%). The previous year, phishing was the clear number one issue, mentioned by 45% of respondents. 

While professional services, construction, and financial services firms were particularly likely to cite the corporate server as the point of entry, businesses dealing with the public, particularly retail/wholesale and energy, were more likely to have suffered a breach via the company website. Company-owned mobile devices, mentioned by just over a quarter of all firms attacked (26%), appear to be areas of particular vulnerability for more mobile industries such as transport/distribution and travel/leisure (mentioned by 32% and 30% respectively).

Around one in every six firms attacked was targeted with ransomware and more than half paid up. In the US, the proportion paying a ransom was 71%. The costs of recovery from a ransomware attack were typically almost as high as any ransom paid (making up an average 45% of overall cost). 

Overall, Spanish companies were most likely to report a cyber attack (53%). Nearly half of all French respondents (49%) reported an attack, up from 34% the previous year. By contrast, only 36% of British firms reported being targeted, the least affected by cyber attacks. 

Share

Featured Articles

Palo Alto Networks, Deloitte and The Push to Platformization

By expanding their partnership to EMEA, Palo Alto Networks is bringing to Deloitte the platformization needed in the modern cybersphere

Insurers Now Spotlighting Identity and Privilege Compromises

Delinea's latest survey reveals a sharp rise in cybersecurity insurance claims, pushing for advanced identity protection measures. Dive into how AI and met

Trend Micro Address AI Threat to Mobile Users with New App

Trend Micro Check is an all-in-one solution that recognises the threats that deepfakes are now posing to mobile users in elaborate scams

Solarwinds CISO Wants Global Cyber Laws After Winning Case

Cyber Security

Resurgence of Spam: Cisco Talos Sound Alarm on New Tactics

Hacking & Malware

Cloudhouse Head Talks Laws Incoming After Crowdstrike Outage

Operational Security