Hiscox, the international specialist insurer, revealed businesses are enhancing levels of spending and activity to minimize their vulnerability to cyber incidents and breaches. The annual Hiscox Cyber Readiness Report 2020, which gauges businesses’ preparedness to combat cyber incidents and breaches, surveyed 5,569 professionals from the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland who are responsible for their company’s cyber security, between December 24, 2019, and February 3, 2020.
Read More: Healthfully and Paya Deliver Expanded Patient Care and Payments Through New Partnership
Key findings specific to the more than 1,000 US professionals surveyed include:
- A leader in cyber spending: The US shared the top spot for cyber spending, alongside Ireland. US businesses increased their average cyber security spending within their IT budgets by 61% to $2.4 million.
- More financial damage caused by fewer attacks: A battle has emerged between cyber criminals and businesses. In the US, only 41% of respondents reported that their organization experienced at least one cyber incident or breach compared to 53% last year, though the median cost of all cyber incidents in the US rose from $10,000 last year to $50,000 this year. Therefore, cyber criminals have been doing more damage in fewer, albeit more sophisticated, attacks.
- Businesses are taking action:Â Meanwhile, businesses are building up their defenses. While 39% of US organizations reported they did not take action after a security incident last year, this figure fell dramatically to 3% in this year’s report. Actions taken include regularly evaluating and discussing security and privacy, increasing spending on employee training and cultural change and creating additional security and audit requirements.
- Improvement in cyber readiness, but potential blind spots remain:Â The number of ranked cyber experts more than doubled to 24% this year, while cyber novices fell to 58% compared to 73% last year. Despite this positive trend in cyber readiness, nearly half (48%) of all respondents agreed their organization remains at risk of having a cyber incident.
- Reputational impacts have increased:Â Fifteen percent of respondents that experienced a cyber incident or breach reported bad publicity or impact on their brand or reputation as a result, compared to 3% last year. Businesses also experienced greater difficulty in attracting new customers following an incident or breach, with 17% reporting challenges compared to 3% saying the same the year prior.
- US businesses are more likely to pay a ransom: Alongside France, the US led the way with businesses most likely to pay a cyber ransom, with nearly one in five (18%) of those US companies who suffered a ransomware infection reporting it had been paid.
- Small businesses remain vulnerable to risk:Â Nearly one-third (32%) of US small businesses, those with under 250 employees, experienced at least one cyber incident or breach in the past year. Of these, only one in five (21%) small businesses purchased or enhanced their cyber insurance policy for protection against threats.
- Mitigating the risk:Â Sixty-four percent of US businesses said they had cyber insurance coverage, while 16% said they were planning to purchase coverage in the next twelve months. Additionally, more than half (54%) of respondents with cyber insurance reported they planned to use “employee training” that’s offered by their insurance providers in addition to their cyber policy.
Read More: GlobalFintechSeries Interview with Nick Cowan, CEO of the GSX Group