Cyber attacks surge against businesses in 2018, survey reports
The number of cyber attacks against companies rose sharply last year, with more than 60% reporting at least one attack in 2018, according to a new survey.
Around 61% of businesses reported one or more cyber attack in 2018, up from 45% the previous year, according to Hiscox's cyber readiness report 2019.
The recent spike in cyber crime included a number of high profile incidents, including data breaches at British Airways and Dixons Carphone.
British Airways was forced to apologise last year after the credit card details of 380,000 customers were stolen during an attack on its website and app.
Despite the sharp increase in the number of attacks, the number of firms making preparations against such incidents has declined over the past year, according to the figures.
The new report surveyed 5,400 firms in the US, UK, Belgium, France, Germany, Spain and the Netherlands.
Nearly three quarters (74%) of businesses were considered unprepared for a cyber attack, after failing a cyber readiness test.
The size of losses related to attacks also sharply increased, with the average loss reported at $369,000 (£283,000) - up 61% on the previous year. German firms reported the largest overall losses, as one company reported $48m in losses from data breaches.
While large firms remain the most likely to be targeted, the number of small and medium-sized businesses affected by cyber crime surged last year.
Around 47% of small firms, those with less than 50 employees, reported attacks, up from 33% last year. The proportion of medium-sized businesses, with 50 to 249 employees, targeted also soared, rising to 63% from 36% the previous year.
Companies increased their expenditure on cyber security last year by 24%, to $1.45m (£1.1m) on average.
Gareth Wharton, Hiscox Cyber CEO, said small and medium-sized firms now looked as vulnerable to attack as larger companies.
"The one positive is that we see more firms taking a structured approach to the problem, with a defined role for managing cyber strategy and an increased readiness to transfer the risk to an insurer by way of a standalone cyber insurance policy," he added.