New research from Howden highlights the significant financial toll cyberattacks have had on UK businesses, with an estimated £44 billion in revenue losses over the past five years. The survey, conducted by YouGov in September 2024, found that 52% of UK companies reported experiencing at least one cyber incident during this period. Notably, larger organizations with annual revenues over £100 million were the most frequent targets, with 74% of them having fallen victim to cyberattacks. However, small and medium-sized enterprises (SMEs) were also affected, with 49% of those with revenues between £2 million and £50 million reporting similar breaches.
The research revealed that email compromises and data theft were the most common types of cyber incidents. These attacks have proven costly for UK businesses, with compromised email incidents averaging losses of £2.1 million, and data theft incidents resulting in an average loss of £2 million. Despite the growing threat, many UK companies continue to lag behind in adopting essential cybersecurity measures. Only 61% of businesses reported using antivirus software, and just 55% had network firewalls in place—two fundamental components of a robust cybersecurity strategy.
One of the main obstacles to enhancing cybersecurity defenses in the UK is the cost, along with a lack of knowledge and insufficient internal IT resources, which were cited as barriers by 26% of businesses. However, Howden’s research suggests that adopting basic cybersecurity practices could dramatically reduce the financial impact of cyberattacks. According to the report, UK businesses could save up to £30 billion over the next decade by implementing essential security measures, with each business potentially saving an average of £3.5 million over ten years.
To improve cyber resilience, businesses are calling for policy changes that could include tax relief on cybersecurity investments and greater access to expert resources. Many also advocate for the introduction of compulsory minimum cybersecurity standards and mandatory cyber insurance. Howden’s Sarah Neild emphasized the importance of engaging with SMEs, a segment historically underserved by the cyber insurance market, to help strengthen the UK economy’s resilience against cyber threats and protect against future revenue losses.
Reference:
