Skip to main content

Many businesses (still) not protected against cyberattacks, report says

02 March 2023

In January’s edition of The Word, we commented on the threat to cybersecurity in today’s modern economy, with public sector firms being a particular target.

With ongoing developments in paperless management solutions, and the online collection of data, cyberattacks have become increasingly profitable for criminals. Following suit, cybersecurity measures have become more robust and better equipped to address these risks.

The latest data from Information Commissioner’s Office highlights that the number of data security incidents being reported to the ICO has fallen significantly to around 2,000 reported attacks in quarter 2 in 2022, from over 3,000 reported attacks in the same quarter in 2019. This decrease in data breaches may be attributable to the rise of cyber insurance products, as more robust cybersecurity measures are required to be in place. 

Despite this, further data illustrates that many companies are not adequately prepared against attacks. A recent survey by Munich Re, found it was becoming increasingly common for companies only to be considering cyber insurance rather than having protection in place.

Considerations for insurers

With many businesses not adequately protected to face the challenge of cyber-attacks, cyber insurance remains an insurance product in demand. However, whilst there is some tentative evidence that the number of data security incidents may be coming down, there is also evidence that some business may be relying on insurance as their main form of defence, rather than technical measures. Underwriters should therefore ensure their underwriting controls remain robust in relation to the measures taken by their insureds to minimise the risk of an incident occurring on the first place.

You may be interested in...