British companies are putting themselves at significant risk due to a lack of proper insurance protection against the effects of cyber-attacks, a government report has found.
The report, published in conjunction with insurance brokers Marsh, found that only two percent of large British firms have protection against cyber-attacks, with almost no small businesses set up in case of emergency.
This follows findings that 81 percent of large UK businesses and 60 percent of small companies suffered a cyber-security breach in the last year, with the cost of such attacks nearly doubling between 2013-2014.
In order to combat this, the report, entitled, “UK Cyber-Security, The Role of Insurance In Managing and Mitigating the Risk” lays out a new set of joint initiatives between the government and the insurance sector aimed at helping firms get to grips with cyber risk.
“The UK’s insurance market is world-renowned and we want it to be the same in relation to cyber risks. The market has extensive knowledge and experience of more established risks to help businesses manage and mitigate relatively new cyber risks,” said Cabinet Office Minister Francis Maude.
“Insurance is not a substitute for good cyber security, but is an important addition to a company’s overall risk management.”
The report, which was based on input from 13 London insurers and a number of large companies, found that, as larger firms increasingly depend on online distribution channels, they put themselves at risk to a wider range of ever more sophisticated attacks.
This includes recommendations that both sides combine their knowledge and data in order to boost awareness, with half of the business leaders interviewed for the report admitting they didn’t even know cyber insurance existed.
“While critical infrastructure in regulated sectors, such as banks and utility firms, are used to this kind of risk, most firms are not and their risk management practices are geared around lower-level, slower-moving risks,” said Marsh UK & Ireland chief executive Mark Weil.
“Companies will need to upgrade their risk management substantially to cope with the growing threat of cyber attack, including introducing disciplines such as stress-testing, and creating a joined-up recovery plan that brings together financial, operational and reputational responses”.
Among the report’s other recommendations are the promotion of the Government’s Cyber Essential Scheme, which can offer improved risk assessment and cyber security best practices, by insurers, in order to encourage greater adoption.
Marsh is planning to support this by launching a new cyber insurances product for SMEs which will deal with the cost of obtaining Cyber Essentials certification.
What do you know about famous hackers? Take our quiz!
Google parent Alphabet sees market capitalisation surge over $2tn on plan to over first-ever cash…
Google asks Virginia federal court to dismiss case brought by US Justice Department and eight…
Snapchat parent Snap reports user growth, revenues in spite of tough competition, in what may…
Intel shares sag after company shares gloomy revenue predictions, as data centre chip demand hit…
Germany's Tuta Mail says Google broke EU's new DMA rules with March algorithm update that…
US auto safety regulator opens new investigation into adequacy of Tesla Autopilot recall, saying it…
View Comments
When you consider that the rising number of cyber security attacks in the UK is estimated to have doubled between 2013 and 2014 in the UK, causing the economy billions of pounds, it is evident that business must improve the ways they manage this ever-growing cyber security risk. The need for cyber-insurance strategies is clear; however each business must also take responsibility for providing their own layers of strong online security to ensure enhanced security against external threats. Due diligence will reveal there are efficient and cost-effective ways to ensure a business is not exposed to a breach.
Increasing password security policies, for example, considerably boosts the security of any organisation. Such a step can also help companies ensure strong security policies are being integrated throughout the workforce, especially when accounts are being shared amongst colleagues. More undoubtedly needs to be done to stop the threat of cyber attacks in the UK. The good news is that a little common sense can help UK organisations sure up their defences without splurging on hugely expensive premiums.