Hiscox report: Half of UK businesses hit by cyber attack in 2023
The seventh annual Cyber Readiness Report by global insurance specialist Hiscox has revealed that almost half of UK businesses experienced a cyber attack in the last year. This marked an increase of 9% from the previous year, escalating from 44% in 2022 to 48% in 2023. The research, which surveyed UK companies across 14 sectors, aimed to discern businesses' perceptions of cyber security and their preparedness to face relevant threats.
Over the last 12 months, cyber-related incidents resulted in businesses experiencing a median annual loss exceeding £19,000, with organisations employing more than 1,000 staff suffering median costs equalling approximately £71,692.50. The property sector bore the highest risk of cyber attack.
Recent research has uncovered that cyber attacks occurring within the UK have been on the rise for three consecutive years, having affected nearly half of all businesses. Hiscox's Cyber Threat Ranking Table, which uses data collated from the latest Cyber Readiness Report, was employed to identify the industries most vulnerable to cyber attack.
The Cyber Readiness Report is now into its seventh year, making use of a representative selection of over 5,000 companies spanning eight countries and varying in size and sector, mirroring the immediate experience of businesses against the continually evolving cyber threat. Based on the confidence of business leaders regarding their capacity to tackle future cyber threats, the risk score takes into consideration several key factors, including the quantity and cost of cyber events businesses within the sectors have wrestled with during the survey period.
The top three sectors most endangered by cyber threats in the UK were found to be property, pharma and healthcare, and travel and leisure. The property sector saw a substantial increase in its risk score from last year, currently at 51 compared to 38 last year. The pharma and healthcare sector also witnessed an increase in its risk score from 39 last year to 49 this year. On the other hand, the sector offering business services experienced a decline in its risk score from 42 to 37, signifying improved threat management measures.
According to new surveys, almost half of the UK businesses (48%) endured at least one cyber attack over the past year. The median annual loss due to cyber-related incidents was found to be over £19,000 for UK businesses. Alarmingly, organisations with 1,000 or more employees faced the highest costs due to cyber attacks in the past year, reaching a median of £71,692.50.
In response to the findings, Alana Muir, Head of Cyber at Hiscox, commented: "Improving digital resilience is a never-ending task for businesses, and the difference in how sectors are able to cope with this is marked. The uptick in attacks witnessed in the UK over recent years is concerning but not surprising. Cyber criminals are fast learners and often succeed in keeping one step ahead of the companies they are targeting. It's important that cyber security and privacy are regularly reviewed, and necessary protections are put in place across all industries, to minimise damage to businesses and customers."