Even though cyberattacks have become increasingly threatening, and the consequences sometimes devastating to businesses, only two per cent of the UK’s large companies are insured in case of an attack, a recent government report has shown.
The report, UK Cyber security: The Role of Insurance in Managing and Mitigating (PDF), also states that the number drops down to close to zero for smaller firms.
Large companies lack cover even though 81 per cent of them suffered some sort of a cyberattack in the past 12 months.
The Insurance sector can show companies how to cope better with attacks and understand the risks they face, it said, but states that there is a lot of confusion to what a cyberattack really is.
“At present, within the insurance sector, the cyber threat is not well defined, with confusion surrounding definitions based on different causes and consequences. Insurers tend to conflate cyber with data breach given the well-developed demand for that cover driven by US regulation; however, UK firms have broader concerns about possible damage from cyber risk, including business interruption, damage to property, and theft of intellectual property,” it says.
"The cyber-threat remains one of the most significant - and growing - risks facing UK business," said Cabinet Office Minister Francis Maude in a statement, BBC reports.
In the report, Mr Maude says that some businesses still feel they do not fully understand cyber risk, which highlights the need for companies to have clear accountability structures for cyber risk and to put in place robust cyber security risk management arrangements.
Businesses can draw on a range of advice and guidance given to help them better understand and defend from cyberattacks.