7 cybercrime stats every business owner should read


Cyberattacks are more common than many businesses realise and the threat posed by hackers is growing year on year. With 98% of UK businesses now dependent on online services, being forced offline for any period of time can prove extremely costly.

So, it’s important that you’re not only taking steps to minimise your risk of being targeted, but also that you’re covering the cost of any potential business interruption with the appropriate insurance.

However, if you’re still unsure how much time and effort you need to commit to bolstering your business’ cyber defences, the following statistics might help you decide:

1.       The average annual cost of lost data or assets following a breach for businesses is £4,180 – this figure rises to £9,470 for charities.

The average costs faced by larger businesses in these cases tend to be much higher: £9,270 for medium firms and £22,700 for large firms, as per the UK Government’s Cyber Security Breaches Survey 2019.

Given the uncertain economic outlook in the UK right now, businesses can scarcely afford to have any unexpected costs eating into their revenues – it could be the difference between making an annual profit or a loss.
A digital padlock in-front of a hand

2.       The maximum fine under the new GDPR legislation is up to 4% of annual global turnover or €20 million – whichever is greater – for organisations that infringe its requirements.

As all businesses should already know, the General Data Protection Regulation (GDPR) was introduced in 2018 to give control to individuals over their personal data – but also to ensure businesses who collect and manage data are taking appropriate action to protect it from misuse and exploitation.

What that means is, if your business suffers a cyberattack in which data is stolen, you will be required to report the incident within 72 hours and you could be asked to outline your cyber security policies and processes.

If the regulator deems that you haven’t taken adequate steps to protect your customers’ data, your business could be heavily fined.

3.       Just 30% of businesses have made changes to cyber security because of GDPR

In light of the previous statistic, the fact that less than a third of businesses say they have taken extra steps to secure their cyber defences following GDPR’s introduction, as per the Cyber Security Breaches Survey 2019, is concerning.

If you fall into the majority that have yet to re-evaluate cyber security policies in the last couple of years – perhaps assuming that because you have yet to suffer an attack, you’re safe – then you should really think about addressing that.

4.       Nearly half of businesses with breaches claim they happen at least once a month

Some 48% of organisations who suffered a breach in 2018 had to fight off an attack at least once a month. As much as anything else, this underlines the persistence of cyber criminals – they will often keep trying until they’re successful, especially if the reward is great enough.

5.       The total cost of cyber security breaches to UK mid-market businesses has reached at least £30 billion per year.

More than half (53%) of the companies survey in Grant Thornton’s report ‘Cyber Security – the Board Report’ reported losses equivalent to 3-10% of revenue following a cyber-breach. For those businesses hit most severely, losses can reach up to 25% of revenue. Six per cent of the businesses surveyed reported a loss of this size (11 to 25% of revenue).

According to the Government’s report, businesses often underestimate the cost of cyber security breaches – in particular, the indirect costs, long-term costs and intangible costs of breaches such as lost productivity or reputational damage.
A padlock in-front of lines of computer code

6.       Over half of UK businesses do not have a cyber-incident response plan in place

Almost three-quarters (70%) of the mid-market companies interviewed in Grant Thornton’s survey felt confident in their ability to respond consistently at any time to a cyber-attack across their entire organisation. However, more than half (59%) of the businesses surveyed admitted that they don’t have cyber-incident response plans in place.

Grant Thornton says this suggests that many businesses have misplaced confidence in their cyber capabilities. Crucially, the research also found that companies that have an incident response plan in place experience lower financial losses from a cyber-attack than those that don’t.

7.       80% of businesses who have experienced a breach or attack found that they were related to staff receiving fraudulent emails

This statistic is worrying because it suggests that the biggest threat to any business is its staff. While your employees may not be putting your business at risk deliberately, a lack of knowledge and awareness about cyber threats is almost as bad.

This is why it’s crucial that you educate your staff on cyber security. Currently, only a quarter (27%) of UK businesses have staff attend any type of cyber security training, according to Government data.

More encouragingly, there are a large number of sectors that stand out as being more likely to train their staff. These include finance or insurance (56%, vs. 27% overall), information or communications (45%), health, social care and social work (45%), education (42%), and professional, scientific or technical firms (37%).
However, it’s clear that all businesses are committed to educating their staff.

Don’t put your business at unnecessary risk

A cyber attack can force your business offline. However, even if your business stops operating, your costs won't. Rent, salaries, and other expenses will keep accruing. Without business interruption insurance, you're left to pay for this out of pocket, all while generating little to no income.

At Insurance Choice Commercial, we’ve been arranging competitive insurance for over 20 years, specialising in tailoring commercial property Insurance policies to meet your individual or business’ requirements. We can also offer flexible payment solutions, including spreading the cost of your insurance in monthly instalments.

Business interruption cover can easily be added to your commercial property insurance policy – do it today, as you don’t know what tomorrow might bring.

It’s easy to get a quote with us. Simply call 01384 429900 now, or fill in the contact form and we’ll call you back at a time that suits you.