British CEOs Worry About Cyber Attacks While Their Businesses Are Under-Insured

Growing concerns around data privacy and regulations have seen cyber threats shoot to the top of the most pressing risks facing businesses in the UK and now data from two surveys shows a lot of uncertainty. That is according to the findings of a recent survey by PricewaterhouseCoopers (PwC), which show that eight in 10 CEOs are now worried about the threat of cyberattacks.

This is more than the 79% of business leaders that are concerned about skills shortages, and 75% that are worried about the speed of technological change. The findings form part of a survey of almost 1,600 CEOs in 83 countries by PwC, which show that the threats of cyber-attacks are a growing concern across the world. 

The CEOs expressed high levels of concern around the growing sophistication of cyberattacks, with almost half personally protecting themselves by deleting social media apps. “The threat to their margins, their brands and even their continued existence from cyberattacks is no longer an abstract risk that can be ignored," said PwC cyber security chair, Richard Horne.

At the sametime, leading insurance broker Gallagher reports results of it own survey of  1000 businesses and almost two-fifths (39%) of senior decision makers in UK companies who say cyber-attacks are one of their biggest concerns, yet the vast majority of businesses (82%) do not have specialist insurance in place to cover them against the cost and impact of a cyber-attack.

Less than one in five (18%) have a standalone cyber insurance policy, with many UK businesses experiencing ‘silent’ cyber exposure due to believing that traditional insurance alone will suffice.

Another issue found with cyber security management was found in the amount of investment in innovative technology; 42% of business leaders declared that they have invested in out-of-the-box tech, but just 39% sought external advice on leveraging it, making for huge potential of vulnerability.

The main source of concern regarding cyber-attacks and data breaches seemed to stem from larger firms, with 59% citing these as a major issue compared to just 19% of companies with 50 employees or less.

In regards to views on cyber-attacks within different sectors in UK industry, 54% of manufacturing firms said that attacks were an issue for other sectors, followed by 44% in transport and 42% in healthcare. The most frequent kind of attack within UK businesses was found to be phishing attacks (80%), followed by email or online-based impersonation (28%), and viruses, spyware or malware, including ransomware (27%).

The issue of ‘silent’ cyber exposure is being caused by UK business leaders thinking traditional insurance covers them, when in reality a standard policy is unlikely to offer cyber cover. Under a fifth (18%) of businesses have a standalone cyber insurance policy, with many business owners buying a policy direct from an insurer (43%) without the advice of a broker, leaving them potentially unaware of the risks their business may be exposed to.

Business leaders may also feel their business is protected against cyber risk as they have invested in technology. 42% of bosses have invested in out of the box technology, however unfortunately only a minority (39%) have taken specialist external advice, leaving many making business critical decisions, potentially without the knowledge required.

Of the businesses surveyed, the majority of leaders in larger organisations cite cyber-attacks and data breaches as a big issue (59%), compared to a minority of bosses running firms employing 50 people or less (19%). However last year, a third of all businesses (32%) admitted they had been subject to a cyber-security breach or attack, showing that the risk is considerable to businesses of all sizes.

The most common type of cyber issue to impact UK businesses is phishing attacks (identified by 80% of business that experienced a problem), impersonation in emails or online (28% of businesses) and viruses, spyware or malware including ransomware attacks (27% of businesses).

Tom Draper, Head of Cyber at Gallagher, said: "The issue of cyber-crime is one of the biggest risks facing businesses today. Clearly there are practical steps businesses can take to help protect against cyber-attacks, but unfortunately the risk remains significant and many businesses are leaving themselves exposed to financial and reputational damage if they do not consider having specialist insurance in place.

“It is evident from our research that many bosses believe they are covered in the event of a cyber-attack, however traditional or off the shelf business insurance policies do not typically provide cover for cyber related issues.”

PWC CEO Survey:     The Actuary:        Information-Age:       Gallagher: 

You Might Also Read: 

Cyber Incidents Jump Up The Risk Index:

Cybercrime’s Deadly Impact On Business: