A report released by Hiscox, a cyber insurance providing company, pointed that cyberattacks across several verticals in the U.S. and Europe have seen a sharp surge, whereas the cyber readiness of the organizations has come to a halt. The survey included nearly 5,400 private and public sector organizations from the U.S., UK, Belgium, France, Germany, Spain and the Netherlands.
The report highlighted that 61 percent of the firms experienced a cyber incident in the past year, up from 45 percent in 2018. Financial losses that accounted for US$ 1,67,000 have risen five times to nearly US$ 7,20,000. Despite these alarming numbers, the cyber readiness of the firms seems to be moving at a snail’s pace, as only 10 percent of the surveyed companies achieved “expert” status and 74 percent were tagged as unprepared “novices”.
Here’s the country-wise report card as per Hiscox’s cyber readiness model:
- Reported the greatest number of cyberattacks (71 percent) and most likely to report supply chain-related issues.
- Topped the list for the frequency of cyberattacks (more than one-third of those targeted were attacked four times or more).
- With 16 percent of the country’s large and enterprise-scale organizations ranked as “experts”, Belgium topped the cyber readiness chart for 2019.
- It Spent the most on cybersecurity (mean cost of US$ 2.1 million) and suffered the lowest number of cyberattacks.
- 81 percent of the organizations ranked “novice,” whereas 6 percent qualified as “experts.”
- The least likely country to have cyber insurance along with Germany.
- Cyber readiness of large and enterprise organizations qualifying as “experts” has come down from 20 percent in 2018 to 14 percent in 2019.
- Faced the highest mean cost of cyber incidents of over US$900,000 – more than twice the average mean cost for all seven surveyed countries.
- Among the study group, German organizations reported the highest cost for all cyberattack incidents (US$48 million).
- Ranked as the best improver in the cyber readiness model, with the “novice” qualified group coming down from 82 percent in 2018 to 76 percent in 2019.
- Recorded the highest number of DDoS attacks – 19 percent.
- The largest number of cloud outages recorded – 27 percent.
- Largest spenders in cybersecurity technologies (18 percent spent on cyber incident detection, whereas 22 percent spent on cyber incident prevention technologies).
- 72 percent of organizations reported a cyberattack.
- 49 percent of organizations have cyber insurance.
- Allocates the least cybersecurity budget – US$900,000.
- The mean cost of all incidents was below US$243,000.
- Most eligible to measure the business impact of a cyber incident.
- The lowest mean cost of all cyber incidents – US$119,000.
- Steep fall in the number of large enterprises qualifying as “experts” in cyber readiness – down from 26 percent to 11 percent in 2019.
- 72 percent of the U.S. organizations plan to increase cybersecurity spending.
The proportion of organizations with no defined role for cybersecurity has halved in the past year – from 32 percent to 16 percent – and there has been a marked fall in the number of respondents saying that they changed nothing following a cyber incident (from 47 to 32 percent). The new regulation has led to prompted action, with 84 percent of Continental European organizations saying they have made changes following the advent of the General Data Protection Regulation (GDPR).