British CEOs Worry About Cyber Attacks While Their Businesses Are Under-Insured

Uploaded on 2020-02-17 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Growing concerns around data privacy and regulations have seen cyber threats shoot to the top of the most pressing risks facing businesses in the UK and now data from two surveys shows a lot of uncertainty. That is according to the findings of a recent survey by PricewaterhouseCoopers (PwC), which show that eight in 10 CEOs are now worried about the threat of cyberattacks.

This is more than the 79% of business leaders that are concerned about skills shortages, and 75% that are worried about the speed of technological change. The findings form part of a survey of almost 1,600 CEOs in 83 countries by PwC, which show that the threats of cyber-attacks are a growing concern across the world. 

The CEOs expressed high levels of concern around the growing sophistication of cyberattacks, with almost half personally protecting themselves by deleting social media apps. “The threat to their margins, their brands and even their continued existence from cyberattacks is no longer an abstract risk that can be ignored," said PwC cyber security chair, Richard Horne.

At the sametime, leading insurance broker Gallagher reports results of it own survey of  1000 businesses and almost two-fifths (39%) of senior decision makers in UK companies who say cyber-attacks are one of their biggest concerns, yet the vast majority of businesses (82%) do not have specialist insurance in place to cover them against the cost and impact of a cyber-attack.

Less than one in five (18%) have a standalone cyber insurance policy, with many UK businesses experiencing ‘silent’ cyber exposure due to believing that traditional insurance alone will suffice.

Another issue found with cyber security management was found in the amount of investment in innovative technology; 42% of business leaders declared that they have invested in out-of-the-box tech, but just 39% sought external advice on leveraging it, making for huge potential of vulnerability.

The main source of concern regarding cyber-attacks and data breaches seemed to stem from larger firms, with 59% citing these as a major issue compared to just 19% of companies with 50 employees or less.

In regards to views on cyber-attacks within different sectors in UK industry, 54% of manufacturing firms said that attacks were an issue for other sectors, followed by 44% in transport and 42% in healthcare. The most frequent kind of attack within UK businesses was found to be phishing attacks (80%), followed by email or online-based impersonation (28%), and viruses, spyware or malware, including ransomware (27%).

The issue of ‘silent’ cyber exposure is being caused by UK business leaders thinking traditional insurance covers them, when in reality a standard policy is unlikely to offer cyber cover. Under a fifth (18%) of businesses have a standalone cyber insurance policy, with many business owners buying a policy direct from an insurer (43%) without the advice of a broker, leaving them potentially unaware of the risks their business may be exposed to.

Business leaders may also feel their business is protected against cyber risk as they have invested in technology. 42% of bosses have invested in out of the box technology, however unfortunately only a minority (39%) have taken specialist external advice, leaving many making business critical decisions, potentially without the knowledge required.

Of the businesses surveyed, the majority of leaders in larger organisations cite cyber-attacks and data breaches as a big issue (59%), compared to a minority of bosses running firms employing 50 people or less (19%). However last year, a third of all businesses (32%) admitted they had been subject to a cyber-security breach or attack, showing that the risk is considerable to businesses of all sizes.

The most common type of cyber issue to impact UK businesses is phishing attacks (identified by 80% of business that experienced a problem), impersonation in emails or online (28% of businesses) and viruses, spyware or malware including ransomware attacks (27% of businesses).

Tom Draper, Head of Cyber at Gallagher, said: "The issue of cyber-crime is one of the biggest risks facing businesses today. Clearly there are practical steps businesses can take to help protect against cyber-attacks, but unfortunately the risk remains significant and many businesses are leaving themselves exposed to financial and reputational damage if they do not consider having specialist insurance in place.

“It is evident from our research that many bosses believe they are covered in the event of a cyber-attack, however traditional or off the shelf business insurance policies do not typically provide cover for cyber related issues.”

PWC CEO Survey:     The Actuary:        Information-Age:       Gallagher

You Might Also Read: 

Cyber Incidents Jump Up The Risk Index:

Cybercrime’s Deadly Impact On Business:

 

 

 

« Some Expert Predictions For Industrial Cyber Security
Fake News And The 2020 Presidential Election »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

SSH Communications Security

SSH Communications Security

SSH Communications Security is a leading provider of enterprise cybersecurity solutions for controlling trusted access to information systems and data.

TWNCERT

TWNCERT

TWNCERT is the National Computer Emergency Response Team of Taiwan.

EG-CERT

EG-CERT

EG-CERT is the national Computer Emergency Response Team for Egypt.

Eustema

Eustema

Eustema designs and manages ICT solutions for medium and large organizations.

European Organisation for Security (EOS)

European Organisation for Security (EOS)

EOS represents all domains of security solutions and services.providers including ICT information and communications technologies.

Referentia

Referentia

Referentia leads the development of critical infrastructure solutions that benefit society, including cyber security and network performance management.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

Desec Security

Desec Security

Desec's training platform allows professionals around of the world to acquire knowledge and practical experience in Information Security.

Gigacycle

Gigacycle

Gigacycle is one of the leading IT disposal and recycling providers in the UK. We specialise in IT asset disposal (ITAD) and data destruction.

drie

drie

drie is an end-to-end cloud services company based in Bahrain, Dubai and London. We enable businesses to adopt, scale on and build for cloud.

Resourcive

Resourcive

Resourcive is the first Value Added Sourcing “VAS” consultancy. We deliver strategic IT sourcing solutions to mid-market and enterprise clients.

Veza Technologies

Veza Technologies

Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to manage and control who can and should take what action on what data.

IS4IT Kritis

IS4IT Kritis

IS4IT is your partner for the successful planning, introduction and implementation of company-specific information security concepts.

BBS Technology

BBS Technology

BBS Technology is a company that develops and delivers next-generation cyber security technologies worldwide.

Atumcell

Atumcell

Atumcell’s targeted risk assessment exposes emerging threats before they cause harm.

CYSEC Global

CYSEC Global

CYSEC Global is a series of summits dedicated to tackle regional cyber security challenges.