Cyber-attacks are seemingly on the rise, with high profile companies and organisations the subject of many news stories lately.
According to the Centre for Strategic and International Studies, the estimated annual loss from cyber-attacks is now at least $400 billion or £291 billion. Last year’s WannaCry ransomware attack was thought to have cost $4 billion in lost productivity.
Understandably, businesses are worried. Char van der Walt from SecureData, a cyber security company has said that businesses are “in a mad panic” to buy cyber insurance.
“Unfortunately this will mean that businesses of all sizes will seek out the minimum cyber-security investment laid out by insurers, government, and regulators, rather than going above and beyond to protect their own, and their customers’ data.”
According to a recent Ernst & Young report, over half (53%) of respondents said that their cyber security budget had risen over the past year.
According to Gov.uk the average spend on cyber security for all businesses was £4,590. For larger businesses, this average shoots up to £387,000.
More businesses are also looking to improve training in cyber security which is one of the most important steps a business can take to ensure they’re safe. A lot of cyber-attacks occur when someone has opened an email and downloaded an attachment. With more training and awareness, people will be able to recognise suspicious emails or calls before they become a problem.
Prevention or insurance?
While increased awareness can only be a good thing, companies might be quick to rush into insurance contracts as a solution despite the fact that they won’t actually stop an attack. Another thing worth bearing in mind is, should an attack happen, there will also be things insurance can’t really cover like damage to reputation.
There’s a danger that companies armed with insurance will be less likely to invest in areas that may prevent an attack in the first place like upgrading computers, hiring people to manage security or training staff to reduce risk. Insurance is good to have but it’s not the sole solution.
Are you at risk?
Big companies that get attacked make the headlines. Unfortunately, some smaller businesses may take this to mean that they’re less likely to get attacked.
It’s true that successfully hacking the likes of Facebook or Google might prove to be more lucrative for a cyber-criminal. However, with top security in place these places are difficult to breach. They’ve got armies of lawyers and advisors and plans in place in case this happens.
Smaller businesses are much easier to hack and are more at risk than larger corporations. So make sure you have some defence or plans in place just in case, no matter how small your company is.
Have you invested in preventative methods or insurance for cyber security? Do you have any tips you’d recommend to protect a business? Let us know your thoughts.