A new study from insurer Hiscox shows that cyberattacks on U.S. businesses are more frequent and more expensive than ever before.
The annual Hiscox Cyber Readiness Report, which gauges businesses’ preparedness to combat cyber incidents and breaches, surveyed over 5,000 professionals responsible for their company’s cybersecurity from the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland.
US businesses, specifically, are more concerned about cyberattacks (46%), than the pandemic (43%), or skills shortages (38%) – and rightfully so. Other key findings among the more than 900 US professionals surveyed include:
- About 47% of all US businesses have suffered an attack in the past 12 months.
- The number of US firms reporting a cyberattack has jumped 7% in the past year.
- Attacks costing $25,000 or more have also increased from 34% to 40%.
- The median cost of an attack as of 2022 is $18,000, up from $10,000 last year.
- Eighty-four percent of companies that experienced a ransomware attack paid attackers to resolve the issue.
As a result, more businesses are investing in IT and security as well as considering purchasing a standalone cyber insurance policy.
- About 34% of US businesses have a standalone cyber insurance policy, a number that is holding steady.
- The number of businesses without a policy or plan to purchase one dropped from 18% in 2021 to 12% in 2022.
- The pandemic has prompted businesses to double their overall IT spend from $11.5m in 2021, to $24.2m in 2022.
There is, however, a gaping divide between what large and small organizations around the world are willing or able to spend. While larger companies may perceive themselves as being at greater risk and beef up their security, attackers are more likely to go after smaller, easier targets.
- For enterprise firms of 1,000-plus people, cyber security spending is up 65%. Firms with 1,000-plus employees are more likely to have recovered their data successfully (68% compared with 59% on average) and much less likely to have had their data leaked (20% compared with 29% on average).
- Average spending by firms with 250 to 999 people has doubled in the past year. Average number of attacks: up from 45 to 69.
- Firms with between ten and 49 employees have cut budgets almost in half, from $411,000 to $225,000. Average number of attacks: up from 31 to 56
- Among those with under ten employees, spending has collapsed – from an average $150,000 to just $29,000. Average number of attacks: up from 11 to 40.
Mean security spending across all respondents worldwide increased 60% in the past year to $5.3m and is up 250% since 2019.
Experience, however, is unfortunately a good teacher when it comes to cybersecurity. Overall, of those surveyed, those who have gone through cyberattacks are the most apprehensive about the damage that could be done to their businesses and brands. More than half of cyberattack victims (55%) see cyber as an area of high risk. Only 36% of non-victims consider it a high-risk issue. However, 72% of companies agree a breach would damage their brand.
To learn more about cybersecurity vulnerabilities and what steps organizations of all sizes are taking to secure their data, check out the full report: Hiscox Cyber Readiness Report 2022
Topics USA
Was this article valuable?
Here are more articles you may enjoy.
Deere Retreats From Diversity Measures After Online Attacks 
AIG Files Amended Suit Against Former Execs, Dellwood Insurance 
Allstate Reports Second Quarter Pretax Catastrophe Losses of $2.1B 
What Happened to Reinsurance ‘Class of 2023’? Hard Market Defies Age-Old Patterns. 
