Some 78% of businesses are concerned about cyber threats, with more than half of them expecting a cyber event in the next 12 months. Despite this, a third do not have an incident response plan.
They were among the findings of a new report from QBE, ‘Connected Business: Digital Dependency Fuelling Risk’, which also found that nearly half (47%) of businesses suffered from a cyber event requiring corrective action in the past 12 months.
When it comes to artificial intelligence, businesses consider AI to be more of a help than a hindrance to their cyber security, with 32% of businesses saying it will improve their cyber protection, compared with 15% of businesses saying AI will increase cyber risks.
David Warr, QBE insurance portfolio manager for cyber, said: “In some parts of the world, take-up for cyber insurance has been slow but as more businesses see their competitors making use of it and see the disruption caused by events, it is spurring them on to look for coverage themselves.”
He said the CrowdStrike outage in July 2024, which caused chaos across the world due to a faulty software update, had contributed to changing perceptions of cyber risk and cyber protection. “It has raised awareness of the types of events covered under a cyber policy, with cover provided for both security incidents as well as operational issues,” he said.
Warr added that AI is both a hindrance and a help to the cyber landscape: “As AI becomes more widely accessible, cyber criminals and cyber activists can launch larger-scale attacks at a faster pace.
“This increased capability in scale and speed brought on by AI could threaten the cyber domain. However, controlled and managed use of AI can also help detect cyber vulnerabilities.”
QBE predicts that the number of ransomware attack victims will increase by 11% from 4,698 in 2023 to 5,200 in 2025 with manufacturing, healthcare, IT, education and government sectors particularly at risk.
QBE’s research was carried out by Opinium Research via an online survey of 311 IT decision makers in the UK during September 2024.
“As AI becomes more widely accessible, cyber criminals and cyber activists can launch larger-scale attacks at a faster pace. This increased capability in scale and speed brought on by AI could threaten the cyber domain. However, controlled and managed use of AI can also help detect cyber vulnerabilities.”
David Warr, Insurance Portfolio Manager, QBE
