The evolving landscape of cyber risk
James Trevis, Cyber Portfolio Manager at NFU Mutual, reflects on the evolving landscape of cyber risk on businesses, it’s impact on retailers, and adequately defending yourself against the cyber threat.
It’s clear that whatever your business, the cyber threat is evolving. In the recent Cyber Breaches Survey 2024, it’s been reported that half of businesses (50%) and around a third of charities (32%) have experienced some form of cyber security breach or attack in the last 12 months. This is much higher for medium businesses (70%), large businesses (74%) and high-income charities with £500,000 or more in annual income (66%).
It’s been revealed that by far the most common type of breach or attack is phishing (84% of businesses and 83% of charities). This is followed by others impersonating organisations in emails or online (35% of businesses and 37% of charities) and then viruses or other malware (17% of businesses and 14% of charities).
Consequently, it seems like a critical time for organisations to review their approach to cyber risk, to ensure they have protection in place to defend against the threat that cyber-attacks pose on businesses today.
Cyber risk in the news
The recent CrowdStrike IT outage that affected 8.5 million Windows devices is a striking example of the growing risk of single points of failure in the digital world. Cyber security experts warn of increased hacking attempts following the incident that look to exploit the situation, with individuals and organisations being advised to exercise extreme caution, and rely solely on official sources for information and assistance.
People often overlook the interconnected nature of their cybersecurity, focusing solely on their internal systems. This approach can leave you vulnerable to breaches that originate from software vendors, outsourced IT providers, and key suppliers. The recent CrowdStrike incident serves as a stark reminder of this risk, and the importance of expanding your cyber risk assessments to include these third parties, and implement robust mitigation strategies
Cyber risk and retail businesses
Cyber risk impacts all businesses but seems to be growing in prominence within the retail sector. Last year, Swan Retail, a UK-based retail management software provider, experienced a cyber-attack which resulted in significant disruptions to around 300 retailers. The company has confirmed an ongoing investigation with the UK National Cyber Security Centre (NCSC), and Action Fraud.
Recent research by NFU Mutual showed that 53% of retailers surveyed have ever experienced a form of cybercrime, and one in 10 of those surveyed have fallen victim in the last 12 months, resulting in many of those reviewing their IT protocols. 22% said they had increased their IT security as a result. Of those surveyed, the most common crime suffered was customer fraud, with nearly a quarter surveyed (24%) being victims, while the second highest was phishing scams (21%). Data theft or breaches (15%) and malware or viruses on computers (13%) also featured.
Many businesses are implementing security measures which is promising, however, robust defences can’t eliminate all risks. A comprehensive cyber risk strategy goes beyond prevention. It’s crucial to have a well-defined incident response plan and access to cybersecurity experts. Cyber insurance is a vital tool that complements these measures, providing financial protection and support in the event of an attack.
Cyber insurance at NFU Mutual – defending against the cyber threat
Cyber cover arranged by NFU Mutual is designed to protect businesses and farms of all sizes from the consequences of a variety of digital threats modern businesses face. We, along with our trusted partners, will take the time to ask the right questions in order to fully understand the cyber cover you need to safeguard your business.
We aim to provide:
- Support – with expert incident responders available 24/7.
- Control – Containment and recovery from an incident, reducing downtime.
- Protection – Minimise the reputational damage or impact to your business.
Whether it’s ransomware, hijacking, data breaches or denial of service attacks, your local NFU Mutual agency office will take the time to understand your needs and explain the full details, including any limits and exclusions that may apply, to help ensure the cover you have in place is right for you and your business.
For more information about cyber insurance options, please contact your local agency office.