Two-thirds of UK businesses financially unprepared for cyber attack

Only half of organisation discuss cyber attacks at board level

Hacking

Only a third of UK businesses have a financial plan in place in the event of a cyber attack, according to a new survey by Lloyds Bank.

The research also found that if attacked, a third would pay a ransom to get their systems and data back. Almost two thirds (65%) of companies thought it would take them six months or more to recover from a disruptive cyber attack, while almost a fifth (18%) said one year or more to recover.

The survey found that only half (53%) of companies regularly discuss cyber risk at their board meetings while only a quarter (24%) of firms have dedicated cyber insurance. More than four in ten businesses (43%) do not have a financial cash reserve in place for an attack.

The survey of 150 executives (from small and medium-sized businesses up to larger global corporates) at Lloyds Bank's recent Cyber Beyond IT event in London showed that only a third (32%) have a financial resilience plan in place.

"A common problem faced by businesses is failing to understand the full financial impact of a cyber attack," said Giles Taylor, head of data and cyber security at Lloyds commercial banking.

"Businesses recognise there will be disruption, but if recovery is going to take months or years rather than weeks, then without a plan the financial implications can be disastrous. A cyber crisis can quickly turn into a liquidity crisis and the sudden drain on cash reserves could affect a firm's ability to pay staff or suppliers and stay afloat," he said.

"Our findings highlight the fact that organisations are not considering all of the knock-on effects of a cyber attack and don't always have sufficient financial plans in place. Strong governance, operational and financial planning should be at the heart of any cyber response activity so that they are better equipped to minimise any potential harm."

Bill Evans, senior director at One Identity, told IT Pro that security must be a board-level discussion. 

"One need only look across any variety of news reporting agencies to understand why. Reasons to make this a board level discussion include GDPR violations with their hefty fines, damage to brand in the court of public opinion, and loss of revenue as customer confidence wanes in the wake of a breach," he said.

David Emm, principal security researcher at Kaspersky Lab, told IT Pro that robust IT security strategies should be implemented in a business from the ground up.

"It's about prevention, rather than recovery but having cyber insurance can provide additional peace of mind. The growth in the number of organisations purchasing these insurance policies reflects the importance that business owners and decision makers are and should be placing on their IT security. In today's complex threat landscape, any company not implementing comprehensive security measures could struggle or fail to recover from a breach or attack," he said.

Featured Resources

Five lessons learned from the pivot to a distributed workforce

Delivering continuity and scale with a remote work strategy

Download now

Connected experiences in a digital transformation

Enable businesses to meet the demands of the future

Download now

Simplify to secure

Reduce complexity by integrating your security ecosystem

Download now

Enhance the safety and security of your people, assets and operations

Enable a true vision of security with an engineered solution based on hyperconverged and storage platforms

Download now

Recommended

How to delete a Facebook business page
social media

How to delete a Facebook business page

15 Sep 2020
What does a CISO do?
Careers & training

What does a CISO do?

17 Aug 2020
Amazon Contact Lens gives call center managers real-time call insight
Amazon Web Services (AWS)

Amazon Contact Lens gives call center managers real-time call insight

23 Jul 2020
What is Facebook Analytics?
analytics

What is Facebook Analytics?

10 Jul 2020

Most Popular

Accenture ploughs $3 billion into cloud migration support group
digital transformation

Accenture ploughs $3 billion into cloud migration support group

17 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
Google Pixel 4a review: A picture-perfect package
Google Android

Google Pixel 4a review: A picture-perfect package

18 Sep 2020