UK businesses have lost £44 billion to cyber attacks in the past five years, according to Howden. Half of UK businesses, about 1.3 million companies, suffered at least one cyber attack during this time. The average cost of these attacks equals 1.9% of revenue.
The Targets
Large businesses were the most targeted. Seventy-four percent of firms with over £100 million in annual revenue reported cyber attacks. Small and medium-sized enterprises also faced threats. Forty-nine percent of companies earning between £2 million and £50 million experienced cyber-attacks.
The most common attacks were compromised emails and data theft. These accounted for 20% and 18% of incidents, respectively. The average cost per attack was £2.1 million for email compromises and £2 million for data theft.
Despite the rising threat, basic cyber security measures are not widely adopted. Only 61% of businesses use antivirus software. Just 55% employ network firewalls. Companies cite cost (26%), insufficient knowledge (26%), and lack of IT resources (22%) as obstacles.
Role of Cybersecurity
However, by implementing simple cybersecurity measures, Howden estimates that UK businesses could reduce attack costs by up to 75%. The savings? About £30 billion from 2019 to 2024. The average business could save £3.5 million over ten years. Or a 25% return on investment.
The cost highlights the vulnerabilities that cyber-attacks exploit, making recent warnings even more urgent. The exposure revealed in Howden’s report makes recent reports about potential cyber warfare by Russia particularly noteworthy.
Greater Dangers
Russia is reportedly ready to carry out cyber attacks on the UK and its allies to weaken support for Ukraine. Pat McFadden, Chancellor of the Duchy of Lancaster, whose role includes responsibility for national security, warned that the Kremlin could target British businesses and disrupt power supplies. This could leave millions without electricity. He described this cyber war as a “hidden war” being waged against Ukraine and its supporters.
McFadden highlighted the threat from Russian hacking groups aligned with the state. They are responsible for at least nine cyber attacks against NATO members. These include assaults on critical infrastructure. McFadden noted that these groups act with impunity as long as they serve President Putin’s interests. Recent attacks on UK councils, claimed by pro-Russian hackers, exemplify this growing threat.
All of this points to a need for enhanced cybersecurity. There is a need to recognize cyber threats’ increasing sophistication and aggression. Particularly those backed by state actors. The vulnerabilities outlined in Howden’s report make it clear that proactive steps are needed.
Solutions
Tax relief on cybersecurity investments would help. Thirty-three percent support this policy. Free access to cyber expertise (32%), compulsory minimum standards (31%), and compulsory insurance (26%) are also favored.
The insurance industry and government play vital roles. They can help companies overcome barriers and raise awareness. The insurance sector can advise on security and offer incident response services.
“Cybercrime is on the rise as firms rely more on technology,” said Sarah Neild, Head of UK Cyber Retail at Howden. “UK businesses are losing significant revenue to cyber attacks. The insurance industry is crucial in strengthening resilience and raising awareness.”
Neild stressed the importance of engaging with SMEs. “This segment has been historically underserved by the cyber insurance market,” she said. “Through increased insurance and education, we can help businesses improve resilience and protect against losses.”
Howden’s research is based on a survey of 905 senior IT decision-makers in the UK private sector. YouGov surveyed from 9 to 22 September 2024.
Other News: Howden Launches New Platform to Simplify Cyber Insurance for Small Businesses(Opens in a new browser tab)
Other News: Russia ready to wage cyber war on UK, minister to say.
