One in five UK businesses have experienced a cyber attack or incident, while nearly one in ten (9pc) small businesses experiencing this in the last year, according to a survey by an insurance company. This number rises to 35pc of large corporate businesses, showing the increasing risk that cyber presents.
With criminals often looking for opportunities in the run-up to Christmas and cyber swiftly becoming an increasing risk for both consumers and businesses alike, the research found that businesses are 67pc more likely to have experienced a cyber incident than a physical theft and almost five times as likely to have experienced a cyber attack as a fire.
When looking at the repercussions of a cyber attack or incident, almost a third (31pc) experienced operational disruption, with a further fifth (21pc) experiencing data loss and system lockdowns. Such interruptions led to businesses claiming an average of £21,000 per incident according to Aviva data, although costs can run into the tens or even hundreds of millions of pounds.
While around half of UK businesses express confidence in handling a cyber incident or attack, one in five (20pc) admit to not being confident in knowing what to do should this happen, a figure that rises to more than a quarter (27pc) of small businesses, who appear to be the most vulnerable to such a risk. Not only does this increase the risk of further damage, it means that businesses also risk being non-complaint with personal data rules.
Despite the high frequency of cyber incidents experienced by businesses, Aviva’s research suggests a significant gap in cyber insurance coverage, most notably among small businesses – less than one in five of whom (17pc) have a cyber insurance policy – and the same proportion (17pc) say they are unaware that cyber insurance exists.
Comment
Stephen Ridley, Head of Cyber at Aviva, said: “It’s important to recognise that businesses of all shapes, sizes and sectors are at constant risk of a cyber attack – particularly at this time of year, with phishing emails often increasing around Black Friday and Christmas. The nature of such a threat means that cyber criminals are evolving their tactics, looking for the opportunity as opposed to setting their sights on large corporates alone.
“Though our research shows that one in three (31pc) businesses see cyber as the biggest risk to their businesses, it’s worrying to see that many businesses do not know how to protect themselves from this emerging threat. Many businesses do not have cyber cover, leaving them exposed to high, unforeseen costs and significant business disruption which could amount to tens of thousands of pounds.
“If the chance arises, there’s a risk that cyber criminals will act and so it’s key to have both preventative measures and protection in place. Although businesses are more likely to purchase cyber cover after experiencing an attack, more and more affordable products are becoming available on the market from as little as £50 a year, like Aviva’s Cyber Respond. These could be a valuable lifeline to small businesses in particular, should the worst happen.”
