Cybersecurity spending

The United States’ leading small business insurer Hiscox has issued a report stating that US businesses have increased their cybersecurity spending. It also mentions US firms as the leaders in the cybersecurity space. 

But the annual Hiscox Cyber Readiness Report also notes that US businesses have to do more to fight ransomware attacks and phishing emails. Hiscox interviewed more than six thousand cybersecurity experts under the study. The study was conducted in the US, UK, Germany, Ireland, Belgium, Spain, Netherlands, and France. It includes inputs of more than 1000 US cybersecurity professionals. 

Here’re the key takeaways of the study:

Cybersecurity Spending Has Risen

The study revealed that US businesses are spending more on cybersecurity than before. The average spending has increased to $2.6 million per business. It was $2.4 million in 2020. 

Ransomware and Phishing Emails

Ransomware attacks have increased, with US companies being the prime target. The study also found that US businesses are more likely to pay a ransom. 

Seventy-one percent of the victims have paid an average of $17,959 as ransom in the past year. Bad actors use phishing emails as their primary method (60%) to target businesses. 

Financial and Reputational Damages

DDoS or ransomware attacks impact the finance and reputation of businesses. The report states cybersecurity incidents affected the financial standing of 81 percent of US companies. The average economic damage was -43 percent. Also, 72 percent of the companies said that not handing client and partner information securely will negatively affect their brand. 

Cybersecurity Spending and Expertise: US Firms Lead From the Front

The study mentions that 25 percent of US firms have expertise in cyber defense, followed by the UK at 23 percent. But it is surprising to see that US companies scored lower (6%) than the UK (13%) when it comes to defending or remediating cyber incidents before experiencing bad outcomes. 

Other important highlights of the study include the following:

  • Most US companies (34%) said that malicious actors used their websites to infiltrate their systems and networks.
  • US companies are also at the front in cyber insurance purchases. Most businesses (33%) are likely to have cyber liability insurance. And 53 percent of companies want to train their employees in cyber hygiene with the help of their insurance providers. 
  • Forty-nine percent of US companies think they are more at risk of cyberattacks during the COVID-19 pandemic because most of their teams work from home. 

The Cyber Product Head for Hiscox in the US, Meghan Hannes, said that how we used to work has changed permanently. Now businesses have to manage cybersecurity in multiple offices spread across the country, round the clock, Meghan added. She further said that COVID-19 triggered chaos, creating ideal conditions for cybercriminals to act on their plans. 

While US companies are the leaders in cybersecurity, there’s still a long way to go. Bad actors are always on the lookout for new and sophisticated methods to attack businesses. They are using new technologies to adapt and mutate their digital viruses. As such, companies must do more to enhance their cyber defenses.