The number of cyber attacks against businesses surged last year, with more than 60% of companies reporting at least one attack in 2018, according to a new survey.
Around 61% of businesses reported one or more cyber attack in 2018, up from 45% the previous year, according to Hiscox's cyber readiness report 2019.
The recent spike in cyber crime included a number of high profile incidents, including data breaches at British Airways and Dixons Carphone.
British Airways was forced to apologise last year after the credit card details of 380,000 customers were stolen during an attack on its website and app.
Despite the sharp increase in the number of attacks, the number of firms making preparations against such incidents has declined over the past year, according to the figures.
The new report surveyed 5,400 firms in the US, UK, Belgium, France, Germany, Spain and the Netherlands to assess cyber security.
Nearly three quarters (74%) of businesses were considered unprepared for a cyber attack, after failing a cyber readiness test.
The size of losses related to attacks also sharply increased, with the average loss reported at 369,000 US dollars (£283,000), up 61% on the previous year. German firms reported the largest overall losses, as one company reported 48 million US dollars in losses from data breaches.
While large firms remain the most likely to be targeted, the number of small and medium sized businesses affected by the crime surged last year.
Around 47% of small firms, those with less than 50 employees, reported attacks, up from 33% last year.
The proportion of medium-sized businesses, with 50 to 249 employees, targeted also soared, rising to 63% from 36% the previous year.
Companies increased their expenditure on cyber security last year by 24%, to 1.45 million US dollars (£1.1 million) on average, while the number taking out insurance against attacks also rose.
Gareth Wharton, Hiscox Cyber CEO, said: "Where hackers formerly focused on larger companies, small and medium-sized firms now look equally vulnerable. The cyber threat has become the unavoidable cost of doing business today.
"The one positive is that we see more firms taking a structured approach to the problem, with a defined role for managing cyber strategy and an increased readiness to transfer the risk to an insurer by way of a standalone cyber insurance policy."
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules here