Companies in the UK and Europe doubled cybersecurity spending to combat an increase in cyberattacks in 2020, according to a new report by Hiscox.
Data from the Cyber Readiness Report shows that businesses are allocating more resources to combat the “growing cyber challenge” than ever as the scale of the problem “continues to both change and grow”.
Businesses were targeted more often in 2020 than in 2019, according to the report, with 28% of the businesses that suffered attacks being targeted on more than five occasions last year.
Forrester Consulting polled over 6,000 firms across the US, UK, Belgium, France, Germany, Spain, the Netherlands and Ireland to establish the effectiveness of cybersecurity strategies.
Around half of respondents said they felt their organisation “had become more vulnerable” to cyberattacks since the start of the pandemic. Total cyber losses among the affected firms were $1.8 billion – up from $1.2 billion the previous year. On top of this, more than 6% of total respondents said they paid a ransom to hackers, with a combined loss of $381 million.
Cybersecurity spending has increased by 39%, data indicates, with expert firms saying that they plan to continue spending in the future. This has caused a drop in cyberattacks in general, with the number of firms affected by a cyber event this year falling from 61% to 39%.
Additionally, twice as many firms said they responded to a breach by adding new security measures and spending on employee training.
The results from Hiscox’s 2021 report show that many businesses met the pandemic with “resounding cyber resilience”. Despite economic pressures, the average business surveyed now devotes more than a fifth (21%) of its IT budget to cybersecurity, an increase of 63%.
Commenting on the report, Gareth Wharton, Cyber CEO, Hiscox, said: “While the number of firms reporting a breach is down, the cost and intensity of criminal activity in this area appear markedly higher. The numbers that have paid a ransom following a malware infection are chilling. Nobody should doubt the scale of the problem.
“The companies that are part of our report were questioned prior to the coronavirus pandemic, so the findings reflect their perspectives in more certain times. No doubt the increase in experts seen this year is an important step to protecting companies in the ever-changing cyber threat landscape.
“While a high level of preparedness can be no guarantee of security, there are incredible steps firms can take to minimise their vulnerability, respond effectively and recover in good order. It is about defence in-depth and building resilience.”
- Scot-Secure 2021 | Resilient cybersecurity with managing CISO Jordan Schroeder
- Do you know what cybersecurity threats lurk behind those QR codes?
- Leader Insights | Humanise cybersecurity with UKCSA CEO Lisa Ventura
The Covid-19 pandemic has put pressure on many companies looking to protect themselves from cybersecurity threats. Things such as homeworking and increased use of technology have meant that cybersecurity issues have increased.
Last year’s Cyber Threatscape Report by Accenture said that organisations “should expect cybercriminals to be far more brazen in their tactics” due to the pandemic.
Data showed that 70% of organisations believed they have “completely embedded” cybersecurity into their culture, yet 75% of organisations were “plagued by at least one security breach or incident” last year.
Offering advice to firms looking to bolster cybersecurity, Freha Arshad, UKI Health & Public Services Security Lead at Accenture, said: “A comprehensive security strategy and approach can accelerate the ability to protect data through people, process and technology efforts while defining the criteria that support the business goals.
“Connectedness has its consequences, but the growing expertise in cyber security is a strong line of defence. Most of all shift security processes left and embed them early into the development cycle.”