British CEOs Worry About Cyber Attacks While Their Businesses Are Under-Insured

Growing concerns around data privacy and regulations have seen cyber threats shoot to the top of the most pressing risks facing businesses in the UK and now data from two surveys shows a lot of uncertainty. That is according to the findings of a recent survey by PricewaterhouseCoopers (PwC), which show that eight in 10 CEOs are now worried about the threat of cyberattacks.

This is more than the 79% of business leaders that are concerned about skills shortages, and 75% that are worried about the speed of technological change. The findings form part of a survey of almost 1,600 CEOs in 83 countries by PwC, which show that the threats of cyber-attacks are a growing concern across the world. 

The CEOs expressed high levels of concern around the growing sophistication of cyberattacks, with almost half personally protecting themselves by deleting social media apps. “The threat to their margins, their brands and even their continued existence from cyberattacks is no longer an abstract risk that can be ignored," said PwC cyber security chair, Richard Horne.

At the sametime, leading insurance broker Gallagher reports results of it own survey of  1000 businesses and almost two-fifths (39%) of senior decision makers in UK companies who say cyber-attacks are one of their biggest concerns, yet the vast majority of businesses (82%) do not have specialist insurance in place to cover them against the cost and impact of a cyber-attack.

Less than one in five (18%) have a standalone cyber insurance policy, with many UK businesses experiencing ‘silent’ cyber exposure due to believing that traditional insurance alone will suffice.

Another issue found with cyber security management was found in the amount of investment in innovative technology; 42% of business leaders declared that they have invested in out-of-the-box tech, but just 39% sought external advice on leveraging it, making for huge potential of vulnerability.

The main source of concern regarding cyber-attacks and data breaches seemed to stem from larger firms, with 59% citing these as a major issue compared to just 19% of companies with 50 employees or less.

In regards to views on cyber-attacks within different sectors in UK industry, 54% of manufacturing firms said that attacks were an issue for other sectors, followed by 44% in transport and 42% in healthcare. The most frequent kind of attack within UK businesses was found to be phishing attacks (80%), followed by email or online-based impersonation (28%), and viruses, spyware or malware, including ransomware (27%).

The issue of ‘silent’ cyber exposure is being caused by UK business leaders thinking traditional insurance covers them, when in reality a standard policy is unlikely to offer cyber cover. Under a fifth (18%) of businesses have a standalone cyber insurance policy, with many business owners buying a policy direct from an insurer (43%) without the advice of a broker, leaving them potentially unaware of the risks their business may be exposed to.

Business leaders may also feel their business is protected against cyber risk as they have invested in technology. 42% of bosses have invested in out of the box technology, however unfortunately only a minority (39%) have taken specialist external advice, leaving many making business critical decisions, potentially without the knowledge required.

Of the businesses surveyed, the majority of leaders in larger organisations cite cyber-attacks and data breaches as a big issue (59%), compared to a minority of bosses running firms employing 50 people or less (19%). However last year, a third of all businesses (32%) admitted they had been subject to a cyber-security breach or attack, showing that the risk is considerable to businesses of all sizes.

The most common type of cyber issue to impact UK businesses is phishing attacks (identified by 80% of business that experienced a problem), impersonation in emails or online (28% of businesses) and viruses, spyware or malware including ransomware attacks (27% of businesses).

Tom Draper, Head of Cyber at Gallagher, said: "The issue of cyber-crime is one of the biggest risks facing businesses today. Clearly there are practical steps businesses can take to help protect against cyber-attacks, but unfortunately the risk remains significant and many businesses are leaving themselves exposed to financial and reputational damage if they do not consider having specialist insurance in place.

“It is evident from our research that many bosses believe they are covered in the event of a cyber-attack, however traditional or off the shelf business insurance policies do not typically provide cover for cyber related issues.”

PWC CEO Survey:     The Actuary:        Information-Age:       Gallagher

You Might Also Read: 

Cyber Incidents Jump Up The Risk Index:

Cybercrime’s Deadly Impact On Business:

 

 

 

« Some Expert Predictions For Industrial Cyber Security
Fake News And The 2020 Presidential Election »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ControlCase

ControlCase

ControlCase provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

Verlingue

Verlingue

Verlingue (formerly ICB Group) is a leading corporate insurance broker providing Insurance, Risk Management and related advice to businesses and private clients.

Cloudmark

Cloudmark

Cloudmark is a trusted leader in intelligent threat protection against known and future attacks, safeguarding 12 percent of the world’s inboxes from wide-scale and targeted email threats.

Calero Software

Calero Software

Calero is a leading global provider of Communications and Cloud Lifecycle Management (CLM) solutions designed to simplify the management of voice, mobile and other unified communications services.

ZeroNorth

ZeroNorth

ZeroNorth provides a new approach to improve software and infrastructure security, simplify continuous compliance reporting and to create more cost-effective risk management programs.

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator invests in early stage disruptive companies in the security industry including, Cybersecurity, Internet of Things (IOT), Blockchain and AI.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

Pyxsoft PowerWAF

Pyxsoft PowerWAF

Pyxsoft PowerWAF responds to the problem of business cybersecurity. We protect our clients' websites and data against attacks and exploitation of all kinds of vulnerabilities.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

GetHacked.ca

GetHacked.ca

GetHackded.ca is a certified company offering penetration testing and specialized cybersecurity services.

VMware

VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control.

Hexiosec

Hexiosec

Hexiosec (formerly Red Maple Technologies) is a technical consultancy and product company founded and run by engineers from the UK Intelligence and Defence communities.

Uptime Institute

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.

TIVIT

TIVIT

TIVIT is a Brazil-based multinational company that offers enterprise-level digital solutions, and operates in ten countries in Latin America

BUI

BUI

BUI is a global technology consultancy and Cloud Solution Provider specialising in cloud, security, and networking solutions for mid-market and enterprise-level business across the world.