A yearly cyber readiness report from UK insurance experts Hiscox has uncovered some unsettling findings.

The recent study surveyed enterprises in high income countries across the globe (including the UK, US, Ireland, France, Belgium, Germany, Spain, and the Netherlands) analysing cyber losses.

The report results prompted Cyber CEO for Hiscox, Gareth Wharton to comment:

“The number of businesses that have paid a ransom following a malware infection is chilling.”

UK cyber loss attack statistics

One out of every six companies polled in the Hiscox Cyber Readiness Report had given into threat operators’ demands in 2019 and paid the ransoms requested. The biggest losses suffered by a single business targeted by a ransomware attack was £40.2m.

The study also revealed that the total losses from cyberattacks spiked by 50% to almost £1.4bn last year. It also noted cyber losses per company have increased by almost six-fold, rising from around £8,000 to close to £46,000.

According to the Hiscox findings, it is 15 times more probable that UK enterprises will encounter a cyberattack than other potentially costly risks such as theft or fire.

Out of the eight different nations surveyed, the largest reported annual cyber loss was suffered by a financial services company based in the UK at £71m. The highest loss for a single cyber event also occurred in the UK at a professional services firm with a total of £12.7m.

Increased spending on cybersecurity measures

The report follows a spate of recent cyberattacks on UK firms, like the London-headquartered Travelex. The largest foreign exchange company worldwide made the headlines back in January after falling victim to a high-profile attack by the infamous ransomware group REvil and reportedly forking out a sum of £1.8m. The hack that hit on New Years Eve rendered the company’s systems inoperative for weeks, to the extent that staff returned to using pens and paper throughout its branches.

While the losses incurred by cyberattacks rose in 2019, the recent report from Hiscox also indicated that companies across the eight countries are investing more heavily in cyber security with spends rising by 39%.

Cyber CEO for Hiscox, Gareth Wharton stated:

“There is, however, one very positive message from this year’s report – there is clear evidence of a step-change in cyber preparedness, with enhanced levels of activity and spending. Take-up of standalone cyber insurance remains patchy, but this report is a reminder that firms are many times more likely to have a cyber incident than either a fire or a theft – for which most automatically insure.”

Statistics gleaned from the polling show that average spending on cybersecurity in UK firms has risen from last year’s £724,000 to £1.2m.

Hiscox has also issued a warning that echoes recent advice from the NCSC (National Cyber Security Centre) stating that new cybercriminal threats are emerging out of the COVID-19 crisis. Since the onset of the outbreak, there has been a noted increase in the swarm of phishing scams targeting remote workers operating on less secure devices from home.