Of the employee error-related cyber attacks on UK businesses, 14% of incidents resulted in customer data being stolen.
30% of respondents affected said that their company’s system went down for four to five days, while a third said their business was out of action for up to three days.
Additionally, one in seven (14%) of respondents said that the cyber attack or data breach impacted their business’s reputation, while one in eight (12%) experienced a financial impact.
A further 14% said that an attack resulted in customer data being stolen, and despite the risk of fines under the EU General Data Protection Regulation (GDPR), only 39% of UK decision makers have invested in expert advice to assist them in mitigating security issues.
How UK companies can prepare for a new national GDPR post-Brexit
“Virtually all businesses are at risk of a cyber attack, and as this research shows, it is often an employee mistake which causes the problem,” said Tom Draper, head of cyber at Gallagher. “Cyber criminals have become increasingly sophisticated with ways of trying to obtain access to data or a company’s system, and it’s hard to remove the risk of human error entirely.
“However, by businesses taking a comprehensive, multi-layered approach to cyber security – including ensuring they have the appropriate insurance in place, establishing effective training programmes for employees and implementing technologies that secure the most sensitive data – they can save both money and resources in the long run, while also helping to mitigate the potential threat of an attack.”
Despite the high proportion of UK businesses experiencing cyber attacks caused by employee error, 71% of respondents stated that human error when it comes to security is a worry, while 64% said that they remind employees regularly about the risk of cyber crime.
In addition, 42% of business leaders said that they have installed off-the-shelf preventative technology, while 39% opted for a tailored product.
How to choose a cyber insurance policy
In regards to what kinds of attacks UK businesses encountered as a result of employee error, malware (39%) was the most common, followed by phishing emails (35%) and data breaches (28%).
1000 UK business leaders were surveyed by Gallagher for this study.