Skip to main content
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
Hiscox Insurance
Menu Toggle
  • Home
  • Small Business Insurance Toggle Menu Toggle Menu
  • Why Hiscox Toggle Menu Toggle Menu
  • Resources Toggle Menu Toggle Menu
  • Policy Management Toggle Menu Toggle Menu
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
  • About
  • Get a Quote Get a Quote
  • About
  • Get a Quote Get a Quote
  • Blog Home
    Start Your Business
    Grow Your Business
    Protect Your Business
    Celebrate Courage
    Search

    Twenty-Four Seven

    Sign up to get the latest small business news delivered right to your inbox.
    Protect Your Business
    February 6, 2018
    Hiscox Cyber Readiness Report Cover

    Hiscox Cyber Readiness Report: 3 Steps to business cyber security

    Cyber | Industry Spotlight
    By: Hiscox Blog

    Share Image

    Embed Image

    Copy

    Share Article:

    The thought of a cyber-attack is enough to strike fear into the heart of anyone. From targeted attacks like the Equifax breach to the widespread WannaCry ransomware hack to individual spearfishing attacks, it seems no one is safe. But there are steps every business can take to minimize the impact of an attack. Here’s how to become cyber ready in three steps.

    Hiscox recently released the 2018 Hiscox Cyber Readiness report, based on a survey by Forrester of 4,100 companies in the US, UK, Germany, Spain and the Netherlands. The report explores the degree to which companies are prepared to prevent or withstand a cyber-attack.

    download button for cyber readiness report.

    Each company surveyed was rated an expert, intermediate or novice when it came to their level of preparedness. Alarmingly, only 13% of US companies fell into the ‘expert’ category. Over two-thirds  (70%) of companies were rated as cyber novices.

    What makes a cyber security expert?

    In order to become an expert in cyber security, you want to do three things.

    1. Prevent an attack on your organization. This means having a response plan in place and practicing what to do in the event of an attack. The entire organization should be trained on potential hacks like spearfishing, malware and password attacks. The focus on cyber awareness needs to come from the corner office, and the entire c-suite needs to be invested in the process.
       
    2. Detect an attack as early as possible, if one occurs. A comprehensive training program includes teaching employees to be on the lookout for suspicious activity that would indicate an attack has occurred.
       
    3. Mitigate the impact of an attack on your organization. Having a tight response plan in place will help, as will early detection. Having cyber insurance, either as a stand-alone policy or as a component of your business liability coverage, will reduce your out of pocket exposure and may provide crisis management services as part of the policy.

    In order to accomplish these three steps, there are several key factors at play.

    • Awareness. Everyone in the organization needs to be aware of the possibility of an attack. They need to know what they can do to prevent one, including the best practices for passwords and the warning signs of phishing.
       
    • Strategy. Have a plan in place to deal with a cyber-attack as soon as it is recognized. Specific duties should be assigned to specific individuals, and everyone must know their role. Revisit the plan periodically to ensure it addresses new threats.
       
    • Engagement. Involvement from the C-suite is critical. Cyber security strategy should be set with input and support from the very top of the organization. Everyone in the organization should be aware of the policy on cyber security and what their specific role is.

    The true cost of an incident

    Spending money on cyber security doesn’t make one an expert, although the experts do have higher spend rates than others. Cyber experts had double the IT budgets of novices ($19.8m vs. $9.9m), and spent a higher percentage of their IT budget on cyber (12.6% vs. 9.9%.) And spending is often the easy part. You also need a rigorous set of processes and awareness of the issues.

    The cost of a cyber security incident is daunting. Among the companies who were able to estimate the cost of the attacks they suffered in the last 12 months, the average cost was $229,000. Larger companies incurred higher costs, with the average cost to the largest companies estimated at $1.05 million in the US. The highest cost estimate for a single organization in the US was $25 million.

    If the cost of a potential threat were not enough to spur action, perhaps regulation will be. In May of this year, the EU will institute its General Data Protection Regulations (GDPR) which will impose stiff fines for failure to institute preventative measures. Note that this rule applies not only to the countries in the European Union, but to anyone who collects personal information about citizens of the EU. 

    The 2018 Hiscox Cyber Readiness Report shows that most US companies have a ways to go before they can be considered cyber ready. With diligence and dedication, they can get there.

     

    Protect Your Business

    Protect the business you’ve worked so hard to build. Get a fast, free quote and your business could be covered today.

    Get a Quote
    Get a Quote
    Subscribe to our newsletter

    Related Articles

    5 Min Read
    Small business owners in capes, protecting what they've built from impacts of recession

    Ideas on how to make your business recession-proof

    Management | Entrepreneur

    Here’s what you need to know about the recession and some things you can do to reduce its impact on your small business.

    Read More

    4 Min Read
    sole proprietor learning what insurance policies are best for her business.

    Useful information on the best insurance for sole proprietors

    Insurance 101 | Entrepreneur

    As a sole proprietor, were you aware that you should have business insurance? Get the details on what type of policies are best for your small business needs.

    Read More

    3 Min Read
    Man sits on couch with telehealth professional on laptop

    Telehealth: Risks and rewards for your healthcare business – and what comes next

    Management | Cyber

    Many health and wellness providers are offering their services virtually. Here’s what you need to know about the risks, rewards, and future of telehealth. 

    Read More


    We’re here to help.
    We provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.
    Get a Quote
    Get a Quote

    Footer menu 1

    • What We Cover
      • Business Insurance
      • General Liability Insurance
      • Professional Liability Insurance
      • Errors and Omissions
      • Cyber Security Insurance
      • Workers Compensation
      • Other Coverage
    • Who We Cover
      • Small Business Owners
      • LLC
      • Sole Proprietors
      • Entrepreneurs
      • Side Hustle
      • Contractors
      • Home Businesses
    • For Our Customers
      • Refer a Friend Program
      • Covid-19 Response
      • Claims Center
    • For Business Owners
      • Save with our Partners
    • About Hiscox
      • About Us
      • Careers
      • Contact Us
      • Hiscox Corporate
      • Investors
      • Foundation
      • Newsroom
      • We Stand Together
      • Affiliate Partner Program

    Footer menu 2

    • Accessibility
    • Site Map
    • Privacy Policy
    • Terms of Use
    • Legal Notices
    • Español

    Feefo Reviews: Hiscox rated 4.7/5 with 1,067 reviews between January 1, 2022 - January 1, 2023

    * Any cost, premium, or coverage stated before an official customer quote are estimates and an approximation and are not guaranteed. Actual cost, premium, and coverage are subject to the unique considerations of each individual risk. Customer quotes are based on the information provided to Hiscox, and are subject to required underwriting and rating factors. Until an official customer quote is provided, all communication on this website or advertisement is provided as an example for informational purposes only, and is neither an offer nor a guarantee of available premium or coverage. Any coverage afforded by the products described are subject to and governed by the terms and conditions of each policy issued. This information may not be used to modify any policy that might be issued. Any information provided to assist in understanding the coverage we offer does not modify any insurance policy, nor does it imply that any claim is covered.

    © 2023 Hiscox Inc. All rights reserved. Underwritten by Hiscox Insurance Company Inc., 30 N. LaSalle St., Suite 1760, Chicago, IL 60602. As of December 31, 2021, HICI had admitted assets of $1,250,758,353 and policyholders surplus of $332,792,666. Total liabilities were $917,965,687 (inclusive of $433,752,764 of loss reserves) and paid-up capital stock was $4,242,000.

    icon-facebook
    icon-youtube
    icon-twitter
    icon-linkedin