Two-thirds of UK businesses financially unprepared for cyber attack

Only half of organisation discuss cyber attacks at board level

Hacking

Only a third of UK businesses have a financial plan in place in the event of a cyber attack, according to a new survey by Lloyds Bank.

The research also found that if attacked, a third would pay a ransom to get their systems and data back. Almost two thirds (65%) of companies thought it would take them six months or more to recover from a disruptive cyber attack, while almost a fifth (18%) said one year or more to recover.

The survey found that only half (53%) of companies regularly discuss cyber risk at their board meetings while only a quarter (24%) of firms have dedicated cyber insurance. More than four in ten businesses (43%) do not have a financial cash reserve in place for an attack.

The survey of 150 executives (from small and medium-sized businesses up to larger global corporates) at Lloyds Bank's recent Cyber Beyond IT event in London showed that only a third (32%) have a financial resilience plan in place.

"A common problem faced by businesses is failing to understand the full financial impact of a cyber attack," said Giles Taylor, head of data and cyber security at Lloyds commercial banking.

"Businesses recognise there will be disruption, but if recovery is going to take months or years rather than weeks, then without a plan the financial implications can be disastrous. A cyber crisis can quickly turn into a liquidity crisis and the sudden drain on cash reserves could affect a firm's ability to pay staff or suppliers and stay afloat," he said.

"Our findings highlight the fact that organisations are not considering all of the knock-on effects of a cyber attack and don't always have sufficient financial plans in place. Strong governance, operational and financial planning should be at the heart of any cyber response activity so that they are better equipped to minimise any potential harm."

Bill Evans, senior director at One Identity, told IT Pro that security must be a board-level discussion. 

"One need only look across any variety of news reporting agencies to understand why. Reasons to make this a board level discussion include GDPR violations with their hefty fines, damage to brand in the court of public opinion, and loss of revenue as customer confidence wanes in the wake of a breach," he said.

David Emm, principal security researcher at Kaspersky Lab, told IT Pro that robust IT security strategies should be implemented in a business from the ground up.

"It's about prevention, rather than recovery but having cyber insurance can provide additional peace of mind. The growth in the number of organisations purchasing these insurance policies reflects the importance that business owners and decision makers are and should be placing on their IT security. In today's complex threat landscape, any company not implementing comprehensive security measures could struggle or fail to recover from a breach or attack," he said.

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

Five business benefits of hyperconvergence
data centres

Five business benefits of hyperconvergence

16 Feb 2021
How to spot a failing digital transformation project
digital transformation

How to spot a failing digital transformation project

22 Jan 2021
CTO job description: What does a CTO do?
Business strategy

CTO job description: What does a CTO do?

22 Jan 2021
Best business tablets 2021
Hardware

Best business tablets 2021

19 Jan 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

26 Feb 2021