Cybersecurity spending on the rise as attacks surge

A new report compiled by insurance firm Hiscox reveals the state of cyber preparedness in the UK and beyond

Since the start of the pandemic and the rise of people working from home, cybercriminals have had to adapt to their new environment, and are using weaknesses in people’s security to launch more attacks.

The latest data released in the Hiscox Cyber Readiness Report shows 43% of companies report having been targeted with over a quarter experiencing five assaults or more. One in six businesses attacked (17%) also reveal how the financial impact has threatened the company’s future.

The report underlines the scale of the cyber challenge, but it also offers good news. Despite the difficulties presented by the Covid-19 pandemic, firms have intensified their fightback by devoting more resources and focus than ever to cyber resilience. It found organisations are upping their defences against cybercrime, with cybersecurity taking up 21% of the average organisation’s IT budget. This is a large jump from the 13% which was used for the same spend last year.

A wide range of attacks

The proportion of respondents reporting attacks jumped from 38% in 2020 to 43%. The hackers’ favourite targets were the technology, media and telecoms (TMT), financial services and energy sectors. The percentage of firms affected in these sectors was typically up from the low-to-mid-40s in the 2020 study to the mid-50s. 

When asked to name the first point of entry for the hackers, 37% of respondents mentioned their corporate-owned servers. Cloud-based servers came second (mentioned by 31%), followed by company websites (29%) and employee errors such as phishing or spoofing (28%). The previous year, phishing was the clear number one issue, mentioned by 45% of respondents. 

While professional services, construction, and financial services firms were particularly likely to cite the corporate server as the point of entry, businesses dealing with the public, particularly retail/wholesale and energy, were more likely to have suffered a breach via the company website. Company-owned mobile devices, mentioned by just over a quarter of all firms attacked (26%), appear to be areas of particular vulnerability for more mobile industries such as transport/distribution and travel/leisure (mentioned by 32% and 30% respectively).

Around one in every six firms attacked was targeted with ransomware and more than half paid up. In the US, the proportion paying a ransom was 71%. The costs of recovery from a ransomware attack were typically almost as high as any ransom paid (making up an average 45% of overall cost). 

Overall, Spanish companies were most likely to report a cyber attack (53%). Nearly half of all French respondents (49%) reported an attack, up from 34% the previous year. By contrast, only 36% of British firms reported being targeted, the least affected by cyber attacks. 

Share

Featured Articles

Google Securing WFH with Zscaler and Netskope Partnership

Google has added the expertise of Zscaler and Netskope into its Workspace Security Alliance to bolster the security issues created from work from home

Why Have Cybersecurity Budgets Soared for TMT Companies?

A recent report by Moody's shows Telecommunications, Media, and Technology companies have ballooned their cybersecurity budgets

Mandiant's Analysis Unveils Cause of Snowflake Data Theft

Mandiant identified three key issues things that the customers affected by the data breach shared

OpenText: AI Main Driver of Growth for MSPs & MSSPs

Technology & AI

Genetec’s Paul Dodds Talks Protecting IoT from Cyber Attacks

Network Security

Tech Mahindra and Cisco Partner on Next-Gen AI Firewall

Cyber Security