Cyber Crime on the Rise
It will come as no surprise to learn that cybercrime is on the rise. And although a recent report from Hiscox1, compiled in collaboration with research firm Forrester, suggests that we are becoming better equipped to deal with the attacks, the losses associated with the attacks are still rising. Cyber losses have risen nearly six-fold worldwide in the last 12 months alone!
How Does the UK Fair?
The report highlights regional difference and some of the largest losses were seen in the UK. One UK financial services firm had total losses of $87.9 million. The largest loss from a single cyber event was also in the UK, costing the professional services company in question a cool $15.8 million. However its not all bad news for the UK as the region had the lowest number of breaches and the highest ratio of incidents to breaches, suggesting the UK is leading the way in thwarting attacks.
Sectors Bearing The Most Pain in 2020
Sectors bearing the most painMedian losses ($) |
||
| 2020 | 2019 | |
| Energy | 337,000 | 10,000 |
| Manufacturing | 100,000 | 12,000 |
| Financial Services | 166,000 | 30,000 |
| TMT | 76,000 | 10,000 |
| Pharmaceuticals | 60,000 | 10,000 |
Source: Hiscox Cyber Readiness Report 2020
We now see Energy and Manufacturing at the top of this list.
The Hiscox view is that;
“We have seen a shift in the hackers’ behaviour in the last six to 12 months as they focus their efforts more on industries such as Energy and Manufacturing. We believe there are three reasons for this. Firstly, reliance on automation (i.e. managed by computers). Secondly low maturity in cyber resilience (e.g. poor back-ups, limited disaster recovery planning or testing). Finally, low tolerance to what is often a high-impact outage. This offers rich pickings for ransomware attacks.”
We think it is not just the fact that hackers are able to hold an organization to ransom by divulging sensitive data. For utility companies, breaching their systems also offers the possibility of widespread power outages bringing towns, or even entire countries, to a stand still, as well as undermining critical national security and defense infrastructure. Hackers can gain control, from close range or long distance, of nuclear facilities, power grids, and power generation facilities making this type of organization attractive to a wider range of activist or terrorist hacker.
Keith Archer, Commercial Director for activereach, adds
“Recently there has been an increasing awareness by energy companies of the growing threat to that sector. This has resulted in a keen interest to review and upgrade their cybersecurity profile on an ongoing basis to keep pace with the speed that threat actors are evolving their attacks.”
However we do still see Financial Services high on the list (and we have blogged about this before). Their access to sensitive financial data as well as the ability to transfer billions of pounds in the blink of an eye is always going to keep them pretty close to the top of the list.
Is Your Industry Sector at Risk for 2021?
Hiscox’s report ranks the different sectors of UK firms by the cyber security threats they are facing, revealing how ready each industry is to defend against cyber threats. It looks at the number and cost of cyber events alongside the strength of various cyber protections.
Source: Hiscox Cyber Readiness Report 2020
We still see Energy at the top of this “risk list” so it looks like there is no respite for the energy sector this year. And it is not much of a surprise to also see Financial Services and Pharma not far behind. So no big changes in sector risk profile for 2021.
No Organization is Safe
However, just because your industry is not on this list does not make you safe. The cyber threat landscape is evolving at an alarming pace and now more than ever it is a case of when you will be subject to an attack rather than if. So whatever your industry, make sure you have a resilience plan in place and are ready to detect and repel an attack.
To find out more about how activereach can help you with your current cybersecurity challenges, or to conduct a cyber risk assessment, please call us on 0845 625 9025 or complete our contact form.
1 The Hiscox Cyber Readiness Report 2020. https://www.hiscox.co.uk/cyberreadiness
