Approximately one-third of UK business leaders would pay a ransom if they suffered a cyber attack, with one in ten willing to fork out £1m or more to get their systems and data back.
That is according to a survey of over 150 executives from small and medium-sized companies by Lloyds bank, finding that just 32% had a financial resilience plan in preparation for cyber attacks.
It was also found that only a quarter of the firms studied had dedicated cyber insurance, while just half discuss the risk of attacks regularly at their board meetings.
Lloyds commercial banking head of data and cyber security, Giles Taylor, said it was “startling” that a third of companies would pay a ransom when there is no guarantee they will get their data back.
“A common problem faced by businesses is failing to understand the full financial impact of a cyber-attack,” he continued.
“Strong governance, operational and financial planning should be at the heart of any cyber-response activity so that they are better equipped to minimise any potential harm.”
The survey also found that 65% of companies believe it will take them six months or more to recover from a disruptive attack, with almost one-fifth thinking it will take at least a year.
Despite this, approximately four in ten businesses do not have a financial cash reserve in place should a hacker infiltrate their firm.
This comes after previous research found that a major global cyber attack has the potential to trigger losses in excess of $50bn (£35bn), while even a half-day outage at a cloud service provider could generate losses of around $850m.
“Businesses recognise that there will be disruption, but if recovery is going to take months or years rather than weeks, then without a plan the financial implications can be disastrous,” Taylor said.
“A cyber crisis can quickly turn into a liquidity crisis and the sudden drain on cash reserves could affect a firm’s ability to pay staff or suppliers and stay afloat.”
There were a record 66 InsurTech investment deals recorded in the first quarter of this year as insurers continued to look to start-ups to improve their claims handling and underwriting excellence.
23 May 2018
Upgrading technology is the number one priority for insurers around the world, according to survey of senior executives by software provider AdvantageGo.
21 May 2018
The insurance industry is increasingly struggling to find the right staff, with just one-quarter of workers in the sector prepared to use artificial intelligence (AI) systems.
16 May 2018
Why InsurTech? A Pressured Insurance Value Chain
By Andrew Sagon, Andrew Johnston and Matthew Wong
InsurTech is a burgeoning phenomenon that is modernising the insurance industry. It is disrupting the traditional value chain whereby insurers offer loss protection, and shifting the emphasis to risk mitigation. Incumbents face disintermediation as investors in search of higher yields pour money into insurance-linked instruments in the capital markets. And entrepreneurial businesses are targeting friction costs and inefficiencies within every aspect of the traditional value chain.
Nimbleness and agility will unlock potential
By Elinor Friedman, Andrew Harley and Klayton Southwood
Recent Willis Towers Watson surveys in the U.S. have shown that P&C and life insurers in developed markets are taking seriously the potential of big data and predictive analytics to improve their businesses. Nimbleness and agility, rather than brute force, are likely to be key to realizing that potential.
Driven by technology, toolkits and talent
By Claudine Modlin and Graham Wright
Advanced analytics is helping some insurers offer innovative products and solutions. What do insurers need to know about the changing nature of analytics and whether it is worth the investment? Claudine Modlin and Graham Wright discuss technology, toolkits and talent — topics that may help you decide.
Risk transfer is part of a comprehensive solution
By Adeola Adele, Patrick Kulesa, Kevin Madigan and Alice Underwood
Given the dynamic nature of cyber-risk, taking a multidimensional approach that integrates board governance, technology solutions, behavioral change and risk transfer solutions can help reduce risk to a manageable level.