Our third Hiscox Cyber Readiness Report provides you with an up-to-the-minute picture of the cyber readiness of organisations, as well as a blueprint for best practice in the fight to counter the ever-evolving cyber threat.
Barely a week goes by without news of a major cyber incident being reported, and the stakes have never been higher. Data theft has become commonplace; the scale of ransom demands has risen steadily; and cumulatively the environment in which businesses must operate is increasingly hostile. The cyber threat has become the unavoidable cost of doing business today.
This is our third Hiscox Cyber Readiness Report and, for the first time, a significant majority of firms surveyed said they experienced one or more cyber attacks in the last 12 months. Both the cost and frequency of attacks have increased markedly compared with a year ago, and where hackers formerly focused mainly on larger companies, small-and-medium -sized firms are now equally vulnerable.
Regulation is going some way to improving awareness and mandating a baseline of cyber security rigour. In 2018, we saw the introduction of the EU’s General Data Protection Regulation (GDPR), to which businesses have adapted, and a by-product of this has been an uptick in demand for cyber insurance. In the pages that follow, we see that more firms are taking a structured approach to the problem, with a defined role for managing cyber strategy, and we can also see more appetite to transfer some or all of the risk to an insurer by way of a standalone cyber insurance policy.
The old adage ‘prevention is better than cure’ springs to mind, and being aware of these threats is half the battle. From our experience as a cyber insurer, business email accounts being compromised is currently the main cause of cyber claims, followed by ransomware.
We launched our online training platform, the CyberClear Academy, a year ago in a bid to better equip our customers against these perils and already more than 2,500 companies have benefited from it. We don’t rest on our laurels though, and will continue to develop other preventative measures that protect our customers and what matters to them.
The cyber risk may mutate rapidly, but progress in mitigating and managing it is also evolving. I hope this report will go some way to helping promote a better understanding of the issues and encourage the adoption of rigorous and effective measures to minimise the cyber threat.