[BreachExchange] Fifth of Businesses Say Cyber-Attack Nearly Broke Them

[Matthew Wheeler]

https://www.infosecurity-magazine.com/news/fifth-of-businesses-cyber-attack/

A fifth of US and European businesses have warned that a serious
cyber-attack nearly rendered them insolvent, with most (87%) viewing
compromise as a bigger threat than an economic downturn, according to
Hiscox.

The insurer polled over 5000 businesses in the US, UK, Ireland, France,
Spain, Germany, the Netherlands and Belgium to compile its annual Hiscox
Cyber Readiness Report.

It revealed the potentially catastrophic financial damage that a serious
cyber-attack can wreak. The number claiming to have nearly been brought
down by a breach increased 24% compared to the previous year.

Nearly half (48%) of respondents said they suffered an attack over the past
12 months, a 12% increase from the previous report’s findings. Perhaps
unsurprisingly, businesses in seven out of eight countries see cyber as
their biggest threat.

Yet perception appears to vary greatly depending on whether an organization
has suffered a serious compromise or not. While over half (55%) of total
respondents said they view cyber as a high-risk area, the figure among
companies that have not yet suffered an attack is just 36%.

While spending on cybersecurity is increasing, on average, up 60% per
company year-on-year, so is the cost of attacks. Hiscox calculated the
median cost at around $17,000 – up 29% year-on-year.

More concerning given the new era of hybrid working is that almost
two-thirds of respondents (62%) agreed that their business was more
vulnerable to an attack as a result of employees working from home. This
increased to 69% in companies with more than 250 employees.

“Business owners will have spent years growing and investing in their
business, but one cyber-attack could reduce what they have built to
financial rubble,” warned Hiscox Cyber CEO, Gareth Wharton.

“Remote working is not going away, and has impacted the volume of
cyber-attacks as cyber-criminals gain access via cloud servers, so it is
vital that businesses take the necessary steps to protect themselves
against the complexity and speed of cyber-attacks.”

Wharton added that with phishing emails remaining a top threat vector,
organizations should focus efforts on improving their staff awareness
training.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220517/668a7fed/attachment.html>