Only Two Percent Of UK Big Businesses Have Insurance Against Cyber-Attacks

British companies are putting themselves at significant risk due to a lack of proper insurance protection against the effects of cyber-attacks, a government report has found.

The report, published in conjunction with insurance brokers Marsh, found that only two percent of large British firms have protection against cyber-attacks, with almost no small businesses set up in case of emergency.

At risk?

This follows findings that 81 percent of large UK businesses and 60 percent of small companies suffered a cyber-security breach in the last year, with the cost of such attacks nearly doubling between 2013-2014.

In order to combat this, the report, entitled, “UK Cyber-Security, The Role of Insurance In Managing and Mitigating the Risk” lays out a new set of joint initiatives between the government and the insurance sector aimed at helping firms get to grips with cyber risk.

“The UK’s insurance market is world-renowned and we want it to be the same in relation to cyber risks. The market has extensive knowledge and experience of more established risks to help businesses manage and mitigate relatively new cyber risks,” said Cabinet Office Minister Francis Maude.

“Insurance is not a substitute for good cyber security, but is an important addition to a company’s overall risk management.”

Critical

The report, which was based on input from 13 London insurers and a number of large companies, found that, as larger firms increasingly depend on online distribution channels, they put themselves at risk to a wider range of ever more sophisticated attacks.

This includes recommendations that both sides combine their knowledge and data in order to boost awareness, with half of the business leaders interviewed for the report admitting they didn’t even know cyber insurance existed.

“While critical infrastructure in regulated sectors, such as banks and utility firms, are used to this kind of risk, most firms are not and their risk management practices are geared around lower-level, slower-moving risks,” said Marsh UK & Ireland chief executive Mark Weil.

“Companies will need to upgrade their risk management substantially to cope with the growing threat of cyber attack, including introducing disciplines such as stress-testing, and creating a joined-up recovery plan that brings together financial, operational and reputational responses”.

Among the report’s other recommendations are the promotion of the Government’s Cyber Essential Scheme, which can offer improved risk assessment and cyber security best practices, by insurers, in order to encourage greater adoption.

Marsh is planning to support this by launching a new cyber insurances product for SMEs which will deal with the cost of obtaining Cyber Essentials certification.

What do you know about famous hackers? Take our quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

View Comments

  • When you consider that the rising number of cyber security attacks in the UK is estimated to have doubled between 2013 and 2014 in the UK, causing the economy billions of pounds, it is evident that business must improve the ways they manage this ever-growing cyber security risk. The need for cyber-insurance strategies is clear; however each business must also take responsibility for providing their own layers of strong online security to ensure enhanced security against external threats. Due diligence will reveal there are efficient and cost-effective ways to ensure a business is not exposed to a breach.
    Increasing password security policies, for example, considerably boosts the security of any organisation. Such a step can also help companies ensure strong security policies are being integrated throughout the workforce, especially when accounts are being shared amongst colleagues. More undoubtedly needs to be done to stop the threat of cyber attacks in the UK. The good news is that a little common sense can help UK organisations sure up their defences without splurging on hugely expensive premiums.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago