The cyber security survey from Howden – closing the gap on the issues

Our news feeds often contain scary cyber-attack stories reporting on how a digital infiltration made a business halt operations, stopped a transport network in its tracks, or caused huge embarrassment to an organisation

The cyber security survey from Howden – closing the gap on the issues

But behind the headlines are real people and companies who have suffered through data exposure or loss, or because of finances being illegally accessed and transferred via a bad actor.

In order to comprehend the true cost of cybercrime and what the main cyber weaknesses are, Howden recently Commissioned YouGov to survey 900 senior IT decision makers, representing UK private sector business. What follows is a summary of not only the real pain points of corporate cybercrime, but also some of the solutions that can protect businesses better, regardless of size and sector. 

Counting the cost of cybercrime

Once data has been restored or replaced and the cyber-threat quashed, it’s the financial losses that have the power to cause the most long-term damage.

This report exposed that in the five years up to September 2024, 52 per cent of UK businesses – that’s more than half – suffered at least one cyber-attack with negative financial consequences – costing the UK economy around £44bn.

Breaking this down, the survey revealed that compromised emails comprised 20 per cent and data theft 18 per cent, which equates to a cost of £2.1m and £2m respectively.

The rest of this in terms of percentage and cost works out as supplier compromise 16 per cent (3.4m), fraud funds transfer 14 per cent (2.7m), malicious insider 14 per cent (2.9m), and ransomware 12 per cent (1.7m).

And while it shouldn’t be too surprising that it’s big businesses with revenues over £100m per annum that were most targeted, with 74 per cent being a cybercrime victim in the last five years, we cannot afford to overlook the impact and threat level on SMEs, where 49 per cent and with a revenue of £2-£50m also undergoing a nefarious cyber-hit in that same five year timespan.

Shifting the focus to which sectors were reported as the most targeted, taking the top three spots, in reverse order, were IT and Telecoms with 58 per cent, Construction at 62 per cent, and out in front in the race nobody wants to win, is Media, with 65 per cent. At the other end of the table with lower cybercrime hits, are retail and hospitality & leisure, with 33 and 32 per cent respectively.

Taking a brief stop at location as a measure, London takes the most cybercrime hits with 69 per cent, and East Midlands reports the lowest figures with 29 percent. 

While this survey makes for sobering reading, there is also a strong emphasis on reporting preventative measures. In the good news column, the frequency of attacks for those with basic cyber security measures stands at 38 per cent, while for those without its 61 per cent, with even low-level implementations such as strong password protection processes reducing severity by around six per cent of revenue or £6m on average. 

It seems cyber security is slow to catch on as a priority, with only two-thirds of businesses making less than £100m actively using antivirus software, leaving themselves vulnerable to penetration, and stuck in a position that may be costly both financially and reputationally if there is a cyber-attack.

However, with post-survey analysis, Howden estimates that by introducing basic cyber security – such as firewalls, backups, antivirus software, and multi-point authentication, and of course specific cyber insurance – the UK business community could have potentially reduced cyber-attack costs by 75 per cent or (£30bn in money) over that 2019-24 period.

For an average business making around £150m revenue, the savings from cyber security basics are £3.5m over 10 years, which is a 25 per cent return on investment. And the key driver is two-fold – to reduce severity from 6.5 per cent to 0.65 per cent, and frequency from 12 per cent to eight per cent.

The report also highlights some critical data on the government’s role in getting more businesses to buy into cybersecurity measures. If there was more tax relief and also access to cybersecurity experts – either free or subsided – then this may encourage enterprises of all sizes to prioritise digital safety.

Within this concluding data, the role of the insurance sector is also considered. The call to arms from those businesses surveyed notes the three highest scoring ‘blockers’ to cybersecurity investment as high costs (32 per cent), insufficient knowledge (26 per cent) and lack of internal IT resources (22 per cent). 

A robust cyber insurance solution such as that offered by Howden is not just about paying out for a claim post-cyber-attack. Aside from financial protection, there’s a swift first response support team who investigate, control, mitigate and remove cyber security threats. And there’s also ongoing training and defence tools available alongside that all-important policy; after all, nobody wants their business to fall victim to an invisible but powerful perpetrator.

Access the full Howden cybersecurity report here.

This article comes courtesy of Howden – an expert insurance group that does insurance differently – offering flexible, high-quality cover, and reassuringly straightforward service, while using insurance as a tool to increase resilience. United by a no-limits mindset, Howden is a powerful and passionate team, rising to any challenge to do right by your business.

ABOUT THE AUTHOR
Sponsored Feature
Sponsored Feature
RELATED ARTICLES
Share via
Copy link