The study by Gallagher surveyed 1000 businesses, and found that many do not have specialist cyber insurance to cover attacks and mitigate apparent concerns.
Less than one in five (18%) have a standalone cyber insurance policy, with many UK businesses experiencing ‘silent’ cyber exposure due to believing that traditional insurance alone will suffice.
Another issue found with cyber security management was found in the amount of investment in innovative technology; 42% of business leaders declared that they have invested in out-of-the-box tech, but just 39% sought external advice on leveraging it, making for huge potential of vulnerability.
UK tech entrepreneurs’ advice
“The issue of cyber-crime is one of the biggest risks facing businesses today,” said Tom Draper, head of cyber at Gallagher. “Clearly there are practical steps businesses can take to help protect against cyber attacks, but unfortunately the risk remains significant and many businesses are leaving themselves exposed to financial and reputational damage if they do not consider having specialist insurance in place.
“It is evident from our research that many bosses believe they are covered in the event of a cyber-attack, however traditional or off the shelf business insurance policies do not typically provide cover for cyber related issues.”
The main source of concern regarding cyber attacks and data breaches seemed to stem from larger firms, with 59% citing these as a major issue compared to just 19% of companies with 50 employees or less.
In regards to views on cyber attacks within different sectors in UK industry, 54% of manufacturing firms said that attacks were an issue for other sectors, followed by 44% in transport and 42% in healthcare.
“Our data shows that bosses in some industries think they are less likely to be targeted but the reality is that the majority of businesses now have some exposure to cyber crime,” Draper added. “Both healthcare and manufacturing are industries that have been singled out as at high risks.
“In healthcare this is due to the nature of customer information they handle. The manufacturing sector, which includes automotive, electronics and pharmaceutical companies, is vulnerable because cyber attacks are primarily financially motivated and are therefore likely to target businesses where they can demand a high amount of money as well as sell information to competitors.”
Back to basics: the top five technical issues to address in industrial cyber security
The most frequent kind of attack within UK businesses was found to be phishing attacks (80%), followed by email or online-based impersonation (28%), and viruses, spyware or malware, including ransomware (27%).