By Ashwani Mishra, Editor-Technology, 63SATS
Key Takeaways:
Cost of Cybercrime: £44 billion in lost revenue over five years.
Low Cybersecurity Adoption: Only 61% use antivirus software, and 55% employ firewalls.
Potential Savings: Up to £30 billion saved with basic cybersecurity measures.
Policy Needs: Tax relief, free resources, and compulsory standards are critical.
Insurance Role: Supporting businesses through advisory and incident response services.
In the past five years, cyberattacks have cost British businesses a staggering £44 billion ($55.08 billion) in lost revenue, with over half of private sector companies reporting at least one attack, according to a report by insurance broker Howden.
The findings paint a troubling picture of rising cyber risks coupled with insufficient adoption of even basic cybersecurity measures, threatening not only financial stability but also business continuity across industries.
The Data: A Widespread and Costly Threat
Cyberattacks cost UK businesses an average of 1.9% of their annual revenue, with larger companies—those earning more than £100 million annually—bearing the brunt.
The most common forms of cyber intrusion included compromised emails, accounting for 20% of cases, and data theft, responsible for 18%.
Despite these risks, the cybersecurity posture of many businesses remains alarmingly weak. Only 61% of businesses report using antivirus software, while a mere 55% employ network firewalls. A lack of internal IT resources and cost constraints were cited as significant barriers to adopting robust cybersecurity solutions.
The ROI of Basic Cybersecurity Measures
Howden estimates that implementing basic cybersecurity measures could reduce cyberattack costs by up to 75%, potentially saving UK businesses £30 billion over a five-year period. For the average company, this could translate into savings of £3.5 million over ten years, representing a 25% return on investment.
“Malicious actors continue to exploit vulnerabilities, particularly as businesses grow increasingly reliant on technology,” said Sarah Neild, Head of UK Cyber Retail at Howden. “Engagement with small and medium-sized enterprises (SMEs) is critical as this segment remains underserved but forms the backbone of the UK economy.”
What Businesses Need: Support and Policy Changes
To improve cybersecurity adoption, businesses are calling for supportive policy measures, including tax relief on cybersecurity investments (33%), free access to cybersecurity expertise and resources (32%), and compulsory minimum cybersecurity standards (31%).
According to Howden, the insurance industry, too, has a pivotal role to play.
From advising businesses on best practices to offering incident response services, insurers can help bridge the gap between awareness and action.
