The Most Surprising Facts From The Hiscox 2017 Cybersecurity Readiness Report

On February 7, Hiscox Insurance, in conjunction with Forrester Consulting, released it’s 2017 Cyber Readiness Report. Inside was a wealth of data about the state of cybersecurity for businesses big and small. While the report has many interesting insights, I found the following six to be particularly interesting and illustrative of why small businesses need reliable IT partners to defend against cyberattacks and provide support when they happen.

Cybersecurity for Business 

  • cybersecurity Approximately one in three small business owners (29 percent) report that they did not change their operations following a cyber incident. Hiscox rationalizes that time and money are limiting factors for small businesses, and they often do not have enough of them to provide any adequate response to a cyber incursion.
  • Two thirds of smaller companies (60 percent) report being targeted in a cyberattack in the past 12 months. Methods of attacks vary—from email and malware scams to sophisticated hacking—but U.S. companies are targeted more than companies overseas and small businesses in the U.S. are the third-most targeted, after larger companies in the U.S. and Germany (respectively).
  • On average, the largest attack in the past 12 months cost U.S. businesses with less than 100 employees just over $35,000. While the costs go up as you add more employees, small businesses are less poised to handle a significant loss. As Hiscox puts it: “In relative terms, small companies are paying the highest price for operating online.”
  • It’s very difficult to get back to “business as usual.” Over a third of respondents (37 percent) found it took them two days or more to return to normal operations. For small businesses without substantial IT support on staff, the time to return to normal operations is likely higher.
  • Enterprise-sized companies are responding with more money and more personnel. Just shy of 50 percent of companies say they plan to increase spending on cybersecurity staff by more than 5 percent in the next year. Increasing competition means that smaller firms will simply be priced out of the market for qualified staff—that’s if they had room in the budget to hire IT personnel in the first place. Hiscox concludes that the gulf between smaller and larger companies is widening.
  • One in six (15 percent) companies report having lost customers and experienced greater difficulty attracting new ones after a cyber incident. Smaller companies are often shielded from the press that follow larger company breaches. Although customer satisfaction and loyalty remain key components of business for smaller firms and cyber incidents threaten those revenue streams.

If any of these statistics worry you, then it may be time to bolster your cybersecurity and cybersecurity policy, so that you can ensure that you’ve taken the necessary precautions to avoid a breach.

Many businesses are looking for help from the outside. Data from CompTIA reveals that the top reason that businesses look to outsource some of their technology needs is to improve their security. To avoid a cyber incident and stay ahead of any potential breaches, consider the areas in which you might need to make some changes.

Is your business able to withstand a cyberattack?

Aureon Information Security White Paper


Rob Griffith

Rob Griffith is an Account Executive for Aureon, focusing his attention to the Aureon Technology business unit. Over the past 8 years Rob has worked exclusively with small to midsize businesses with an emphasis on the banking vertical. His focus has been helping companies with data center strategy, security and compliance.


March 13, 2017

Posted by

Rob Griffith


Sign up to receive the Aureon Weekly Update.