What the Cyber Threat Ranking Table shows
Property sector takes highest risk score
Property now has the highest risk score (51) of all the sectors included in our research. It overtakes travel and leisure, which scored 48 both last year and this year. It’s followed by pharma and healthcare, whose score has climbed from 39 to 49 over the past year. The food and drink industry also faces a higher risk score than last year, rising from 31 to 45.
On a more positive note, a range of industries have reduced their risk scores since our last check-in.
These include:
- Technology, media and telecommunications. This now has the lowest risk score of all sectors, falling from 33 to just 31.
- Financial services. This year’s score of 38 marks an improvement from 39 last time round.
- Business services. The latest risk score of 37 is lower than last year’s 42.
Overall, the government and non-profit sector has endured the most cyber attacks this year, with a median of 37.5. It’s also faced the highest cost per organisation, recording a median of $74,717. Across all businesses, the median cost comes to $24,200.
Financial services firms are the most likely to have dedicated cyber security roles, at 59%. This score stands at 46% across all businesses.
Smallest firms face biggest risk scores in 2023
When ordered by business size, it’s the smallest firms who take the highest risk scores. Those with one to nine and 10-49 employees come out on top, with respective scores of 48 and 41. These are up from 39 and 37 last year.
At the other end of the scale, those with more than 1,000 staff members have seen their risk score fall from 38 to 36. Firms with 250-999 employees have the lowest overall score (31).
Businesses with 50-249, 250-999 and over 1,000 employees spend the highest percentage of their IT budgets on cyber security, at 20%. The median across all UK businesses is now 19%.
Elsewhere, organisations with 50-249 employees now have the strongest uptake of cyber insurance. More than half (53%) say they have cyber insurance in place. This is higher than the figure of 37% for all businesses.
How the Cyber Threat Ranking Table works
The Cyber Threat Ranking Table orders the threat by industry – the higher the total risk score, the more exposed your sector is, according to our statistics.
The data is taken from the UK arm of the Hiscox 2023 Cyber Readiness Report. This research shows that attacks remain common, despite significant spending on IT budgets.
As the table reveals, these trends are not spread evenly – for some sectors, increased investment has been enough to counter threats, but others remain more exposed.
At Hiscox, we know every small business is unique. Consultants, graphic designers and builders can all face different cyber threats. The column showing the number of organisations experiencing attacks will tell you how common they are in your line of work.
Some cyber attacks are far costlier than others and big breaches tend to target certain sectors. Explore the ‘cost of cyber events’ column to see the median cost for your industry during the year to 2023.
The table also illuminates key differences in cyber security investments. These include security budgets, roles dedicated to cyber risks and spending on cyber insurance.
The value of learning lessons
The 2023 Hiscox Cyber Readiness Report offers a mixed set of results. On the one hand, more businesses are encountering cyber attacks, with smaller-scale firms at particular risk. On the other, cyber security spending continues to grow and fewer firms are giving in to ransomware demands.
Whatever your sector and business size, our research aims to shine a light on the potential areas in need of attention. It could ultimately help your company to pinpoint specific risks and guard against complacency.
*Data collected from a global study and all figures presented in US dollars.