Hiscox cyber readiness image

The Hiscox Cyber Readiness Report 2021

Download Report

US businesses lead globally when it comes to cyber expertise, but often fall at the final hurdle

The Hiscox Cyber Readiness Report 2021™ reveals that US firms are a global leader in cyber readiness, with more classified as ’cyber experts,’ (25%) compared to other countries. But there is still work to be done when it when it comes to dealing with ransomware and phishing emails, as US businesses are the most likely to pay a ransom. To gauge businesses’ preparedness to combat cyber incidents and breaches, Hiscox surveyed over 6,000 professionals from the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland who are responsible for their company’s cyber security.

Download 2021 Cyber Readiness Report PDF

To receive more content like this from Hiscox USA, including market-leading research, reports and articles from our experts on running a small business, enter your email address here:


In this year’s report, we saw a disparity when it came to the level of cyber expertise US businesses have versus the actions they take when an attack actually occurs. Although the US is a global leader in cyber expertise, US businesses are also most likely to pay a ransom, as 71% of those targeted paid up. US businesses are still falling victim to phishing emails, which is the most common method of entry for ransomware in the US (60%).

US Cyber Readiness Info Chart

The events of 2020 only exacerbated these vulnerabilities. Since the start of the pandemic, 49% of US businesses have become more vulnerable to cyber attacks. When considering the nationwide shift to remote working, 62% of US businesses believe they are now more vulnerable than they were pre-pandemic.

quotation marks

“The world of work has changed forever. Managing cyber security in one office location has morphed into managing cyber security in huge numbers of workspaces across the country, almost overnight. The pandemic-induced chaos has bred opportunities for cyber criminals, and they’ve been taking advantage. US businesses have come a long way when it comes to cyber expertise, but we cannot stand still. Cyber criminals are voracious in adapting and mutating their digital viruses, and continuous education and proactive security serve as our digital face masks.”

Meghan Hannes
Cyber Product Head, Hiscox USA

Prevent attacks for the best possible outcome

For most organizations, prevention starts with a robust cyber security strategy and budget. US businesses increased their cyber security spending from $2.4 million each in last year’s report, to $2.6 million this year's report.

US Cyber Readiness Bar Chart

Despite this positive trend in cyber readiness, nearly half (48%) of all respondents agree their organization remains at risk of suffering a cyber incident.

Detect threats early to reduce costs

Identifying and isolating an attack quickly keeps costs down, and the best way to do that is to enhance the cyber knowledge of the entire organization. The US is the global leader for having the most firms that are cyber experts at 25%, however, US businesses are the least likely to have defended or remediated all cyberattacks before they resulted in negative outcomes, such as bad publicity or losing business partners (6%).

US Cyber Readiness Vertical Bar Chart

Mitigate the damage when an attacks occurs

It isn’t always possible to prevent a cyber attack, but the response to an attack can be managed. There’s good reason to handle a cyber attack quickly and effectively, as 88% of US businesses experienced a negative financial impact from DDoS or ransomware attacks and on average, the mean financial impact was -43%. Furthermore, 72% of US businesses agree that it will damage their brand if client and partner data is not handled securely.

Want to know how your business stacks up?

Learn how your business stacks up on cyber security and how you can be more cyber ready with our quick, easy and free cyber health check. It takes only three minutes to complete.

Want a more comprehensive review of your cyber security and to see whether you’re a cyber novice, opportunist or expert? Complete our complimentary, in-depth cyber readiness review in around fifteen minutes.

Cyber Insurance

Make sure your company is cyber ready. This year, US firms continue to lead in insurance and are most likely to have standalone coverage (33%). More than just financial protection, 53% of US businesses plan to use employee training offered by their insurance provider.

Early detection goes a long way toward limiting the potential damage of a cyber attack, but the right insurance can mitigate losses effectively. In addition to paying claims that stem from an attack, Hiscox cyber policies include free access to a team of breach response specialists who will spring into action as soon as an attack is reported. They will help with notification requirements, damage control and more.

Find out more

Learn how your business stacks up and how you can be more cyber ready by downloading the full report.

Download 2021 Cyber Readiness Report PDF

To receive more content like this from Hiscox USA, including market-leading research, reports and articles from our experts on running a small business, enter your email address here:


The content is provided for general informational purposes and is not intended to and does not constitute business or legal advice to any particular person or entity.