Cyber Security Spending has Risen Over the Last Year to $2.6m per US Firm, Reveals Hiscox Cyber Readiness Report 2021

New York, NY – April 19, 2021 – Hiscox®, the international specialist insurer, reveals that US businesses’ cyber security spending is on the rise and they are leaders in cyber expertise, but still have more work to do when it comes to ransomware and phishing emails.

The annual Hiscox Cyber Readiness Report™, which gauges businesses’ preparedness to combat cyber incidents and breaches, surveyed over 6,000 professionals responsible for their company’s cyber security from the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland. Key findings specific to the more than 1,000 US professionals surveyed include:

  • The US is an easy target for ransomware criminals: Out of the countries surveyed, US businesses are most likely to pay a cyber ransom, where 71% of those targeted paid up. The companies who succumbed to the demands paid an average of $17,959 in ransoms over a 12 month period.
  • Phishing emails should not be underestimated: The most common method of entry for ransomware in the US is phishing emails (60%).
  • Websites are not just an important touchpoint for honest customers: US businesses report the most experiences of cyber criminals attacking their websites as the first point of entry (e.g. via DDoS) at 34%.
  • Cyber attacks impact the bottom line and the brand: Eighty-eight percent of US businesses experienced a negative financial impact from DDoS or ransomware attacks. On average, the mean financial impact on revenues was -43%. Furthermore, 72% of US businesses agree that they will damage their brand if client and partner data is not handled securely.
  • US firms start strong, but often fall at the final hurdle: US firms are the leader globally with the most firms classified as cyber experts at 25%, followed by the UK at 23%. However, UK firms were the most likely (13%) to have defended or remediated all cyberattacks before they resulted in outcomes such as bad publicity or losing business partners, and US firms were the least likely (6%).
  • Cyber insurance is much more than just financial protection: US firms continue to lead in insurance purchasing and are most likely to have standalone coverage (33%). More than just financial protection, 53% of US businesses plan to use the employee training offered by their insurance provider.
  • Cyber security spending has increased: Mean cyber security spending has risen from $2.4 million per US firm last year, to $2.6 million this year.
  • The pandemic has increased vulnerability to digital viruses: Since the start of the coronavirus pandemic, 49% of US businesses overall believe they are more vulnerable to cyber attacks. When more employees are working from home, 62% of US businesses believe they are more vulnerable.

“The world of work has changed forever. Managing cyber security in one office location has morphed into managing cyber security in huge numbers of workspaces across the country, almost overnight. The pandemic-induced chaos has bred opportunities for cyber criminals, and they’ve been taking advantage,” said Meghan Hannes, Cyber Product Head for Hiscox in the US. “US businesses have come a long way when it comes to cyber expertise, but we cannot stand still. Cyber criminals are voracious in adapting and mutating their digital viruses, and continuous education and proactive security serve as our digital face masks.”


Related Materials

The Hiscox Cyber Readiness Report 2021

About the Study

Hiscox commissioned Forrester Consulting to assess organizations’ cyber readiness. In total 6,042 professionals responsible for their organization’s cyber security strategy were surveyed (1,000-plus each from the USA, UK, France and Germany; more than 500 each from Belgium, Spain and The Netherlands; and 300-plus from the Republic of Ireland). Respondents completed the online survey between 5 November 2020 and 8 January 2021.

We have adopted median rather than mean or average figures and restated prior-year figures in the same terms. Given the extreme variation in the underlying figures between the smallest and largest firms, this provides a more accurate representation of the respondents as a whole.

About the Hiscox Group

Hiscox is a global specialist insurer, headquartered in Bermuda and listed on the London Stock Exchange (LSE:HSX). Our ambition is to be a respected specialist insurer with a diverse portfolio by product and geography. We believe that building balance between catastrophe-exposed business and less volatile local specialty business gives us opportunities for profitable growth throughout the insurance cycle.

The Hiscox Group employs over 3,000 people in 14 countries, and has customers worldwide. Through the retail businesses in the UK, Europe, Asia and the USA, we offer a range of specialist insurance for professionals and business customers as well as homeowners. Internationally traded, bigger ticket business and reinsurance is underwritten through Hiscox London Market and Hiscox Re & ILS. In the US, Hiscox small business Insurance is underwritten by Hiscox Insurance Company Inc., a Chicago-based insurance company.

Our values define our business, with a focus on people, courage, ownership and integrity. We pride ourselves on being true to our word and our award-winning claims service is testament to that. For more information, visit

The content provided above is provided for general informational purposes and is not intended, nor shall it be deemed, to be a solicitation of insurance with regard to any particular or specific person or entity.

Media Contact

Lucy Baines
Hiscox USA
+1 646 560 9399
[email protected]