Cyber readiness: The state of play in technology, media and telecommunications

The UK’s technology, media and telecommunications (TMT) sector is vast – in London alone, revenue generated by companies in this sector accounts for approximately £125 billion, or 8% of national GDP (external link).

With high value comes significant potential for losses, however. This means cybercrime could be a key concern for organisations in this diverse industry, which brings together software development firms, television networks and home-based media agencies, amongst others.

When it comes to cyber security, each industry faces unique challenges, as we outlined in the Hiscox Cyber Readiness Report 2020.

In an accompanying table that ranked UK sectors according to cyber security, radically different levels of threat and preparedness were seen.

Here, we take a closer look at one of the nation’s most valuable and forward-thinking sectors to see just how secure it is.

Our Threat Ranking Table, published in the summer, revealed that 34% of businesses in the UK’s TMT sector faced at least one incident or breach in the last 12 months.

In further analysis of UK data from our Cyber Readiness Report 2020, the most common type of incident was revealed to be phishing, which accounted for 53% of the incidents responding organisations had experienced. Phishing occurrences included email, voicemail, SMS and even postal tactics.

Website-related incidents, such as hacking attempts targeting digital vulnerabilities, came in second place – 42% took this format.

Ransomware infections were also common, with 23% of cyber events creating the need to recover data from backup systems and the same proportion resulting in a drive to rebuild datasets following an attack.

Each of these cyber security events carries a cost – whether that’s from the direct need to recover control of systems or the interruption to business as usual, which in turn may impact client relationships and a firm’s reputation.

In TMT, the median cost of cyber events was $75,000 globally and $39,600* in the UK. This is more than ten times the cost incurred by the UK travel and leisure sector, for instance, which lost just $3,470 according to the Threat Ranking Table.

When we consider how digitally-adept many organisations in the TMT sector profess to be, these losses may be surprising. They paint a picture of a sector that requires more heightened cyber vigilance.

So, what impact have cyber incidents had on firms in the space? We analysed UK and sector-specific responses from our 2020 report to investigate.

A quarter said security and privacy are regularly evaluated or discussed as a result of the cyber incidents they’d experienced. This was the most common form of action taken within the industry.

More than one in five (23%) said they had invested in cultural change, including employee training, while 21% purchased a cyber insurance policy to boost their resilience.

A further 21% said they had implemented additional cyber security and audit requirements. The same proportion of business representatives said they had increased spending on crisis management.

This may suggest that organisations are still more likely to prioritise direct security measures rather than working to mitigate the full range of potential impacts.

Interestingly, 30% of firms believed they were not at risk of facing a cyber incident – a stark figure considered against the backdrop of significant financial losses. More than a third of businesses in the sector experienced a cyber event within the 12-month period.

The sector acknowledges risk, with 43% of UK organisations in the sector admitted to believing they were at risk of facing a cyber incident.

These numbers suggest that the sector is mostly aware, but perhaps complacent in areas – a trend which could exacerbate problems for some firms.

These intriguing patterns – of sizeable losses and mixed attitudes to response – suggest the sector may be split.

Division was a key feature across this year’s report, which saw cyber security spending soar by 39% globally.

This is thought to have led to a divide between the winners and losers of cyber preparedness, which is evident in the UK data. As cyber losses have grown, levels of expertise have risen to meet the challenge, meaning a small number of unprepared firms may be absorbing a higher proportion of the harm.

This is the cyber expertise model, which suggests cyber-savvy organisations are using their knowledge to carve out an advantage.

In the UK’s TMT sector, 13% of firms were classified as cyber novices in the Cyber Readiness Report, alongside 16% as cyber opportunists and 21% as experts.

This means the sector is top-heavy with experts – a strong position to hold. It may help to explain why losses were not higher in a sector within which 35% of organisations faced cyber incidents.

A huge 85% of TMT companies employed a named cyber security leader or team which took responsibility for all things cyber.

More than two thirds (67%) in the sector feel confident in their cyber security readiness.

Perhaps most significantly, the Threat Ranking Table revealed that a huge 61% of TMT firms said they could clearly measure the impact of a cyber breach – a clear indicator of cyber security proficiency.

This placed the sector within a hair’s breadth of the best for this indicator – and forged out a gap between TMT and some of the higher-risk sectors, such as business services and food.

This matters, since in general, experts tend to be more resilient when suffering breaches. However, the relationship between spending and resilience isn’t always clear-cut.

According to the Cyber Readiness Report 2020, firms that spent double-digit percentages of their IT budget on cyber security measures were less likely to have experienced an incident or breach than those spending less than 5%.

This finding came with a note of caution, since the big spenders were often larger firms, which suffered higher-than-average costs when breaches did occur.

Since it’s never wholly possible to prevent cyber attacks and breaches, this can equate to big losses for the larger organisations.

“Size brings more customers, higher notification costs and bigger ransoms,” the report notes.

The cyber spend within the TMT sector has increased in recent years, which may have defended the industry against the worst impacts of cybercrime and breaches, as the graph below demonstrates.

Nonetheless, there remains great diversity within TMT – something which may be partly due to the diversity of the businesses within a sector comprising global corporations and owner-director start-ups.

It’s also possible that there could be diversity between technology-focused organisations and traditional media firms. This may help explain why, despite the sector’s proficiencies, just one in four TMT organisations have implemented measures such as regular security and privacy evaluation.

If the industry is divided into cyber-smart organisations and those with room for improvement, then these groups may face very different fates in the coming years.

Despite its divisions, this sector can serve as a positive example to others. Our data shows that TMT firms are busy building resilience in several ways. There is also a generally strong understanding of the importance of procedural reviews.

Resilience-boosting methods are reflected in TMT spending priorities. During the next 12 months, 54% of organisations surveyed plan to invest in end-user device malware detection. The same proportion intends to achieve or maintain regulatory compliance.

These plans suggest an astute understanding of the task at hand in a sector affected most by phishing. End-user device malware detection is recognised as a strong method for boosting general protection against phishing and ransomware attacks, including on business smartphones.

52% of businesses said improving the security of customer-facing services and applications was a spending priority. Since the sector faced a high number of attacks via website vulnerabilities, this suggests a move in the right direction.

More than half (58%) of firms had a cyber insurance policy in place. Despite this, only 27% enjoyed the protection of a standalone policy.

Since the Cyber Readiness Report 2020 highlighted the importance of stand-alone cover, this could create an area of vulnerability for the sector if not addressed.

The report highlighted that firms were 15 times more likely to face a cyber incident than a fire or theft, with just 2% facing the latter threat types.

Despite this, many companies – including in the TMT space – still treat cyber protection as an afterthought.

The research revealed that expertise and insurance go together – many expert firms take out insurance, perhaps because personnel have a thorough understanding of the risks. In turn, organisations with access to a comprehensive cyber policy may be able to make use of expert advice, further boosting their resilience.

It isn’t possible to completely eliminate cyber risks, so this type of preparation works in areas others can’t – by funding data recovery efforts following a breach, for instance.

A minority of businesses in the sector, 14%, see reviewing internal policies and procedures as a low business priority.

Adequate protection and understanding may not yet be universal, but on the whole this sector has a positive outlook.

With better insurance coverage and an increase in cyber knowledge, the future could be bright for cyber readiness within the TMT sector.

* The median cost of cyber events and figure of $39,600 was taken from the Hiscox Threat Ranking Table which can be found on the link above. 

The findings from the Hiscox Threat Ranking Table were taken from their Cyber Readiness study focusing on UK data only. Risk scores were calculated using the UK average for each category as a benchmark, assigning points from 1-10 for percentage above or below this benchmark. 70 is the maximum risk score that could be obtained and seven the lowest. The lower the risk score, the less the risk.