- The average cost of a cyber incident in 2023 was $1.7m in 2023, up 11% from last year
- Organisations say the leading factor for higher costs is increased insurance premiums
18 December – LONDON – In the annual Cyber Security Insights Report 2023, global corporate intelligence and cyber security consultancy S-RM has found that the direct cost of a cyber incident has increased by 11% in 2023 to an average of $1.7m.
The report found this average rises to $2.7m among organisations without cyber insurance, demonstrating the increased risk faced by companies that do not have adequate insurance in place.
Organisations surveyed reported that the top three factors contributing to growing cyber incident costs are increased insurance premiums (37%), operational downtime (36%), and recovery and response costs (32%).
Bigger risk for bigger firms
S-RM’s research shows large organisations in particular should make sure they have invested in cyber insurance, with 30% of companies with a revenue between $500m and $1bn experiencing a ransomware attack in 2023, compared to 40% of larger companies with a revenue between $10bn and $25bn.
The risk is higher amongst larger organisations because they are more likely to hold greater volumes of sensitive data, and often have broader operational footprints which are harder to govern consistently.
Jamie Smith, Board Director, and Head of Cyber Security at S-RM, commented:
It almost goes without saying that the larger the organisation, the bigger the target it has on its back. However, most of these sizeable companies will have much more expansive budgets that they could, and should, be putting towards cyber security. Paying a regulatory fine, facing increased premiums, or recovering from downtime all carry a far higher cost than ensuring you have adequate cyber budget allocated.”
Paul Caron, Head of Cyber Security, Americas, at S-RM, added:
For many companies and organisations, cyber insurance has far exceeded being just a ‘nice to have’, and our most recent data shows exactly why it is so essential to be properly insured against cyber incidents and data breaches. Premiums may be rising, but without adequate insurance the regulatory, reputational and downtime risks are far higher – businesses must take note.”
For more information, download the 2023 Cyber Security Insights Report from S-RM's website here: https://www.s-rminform.com/cyber-security-insights-report-2023
Notes to Editors
About S-RM
S-RM is a global corporate intelligence and cyber security consultancy with expertise in insurance, cyber security, and cyber response. Headquartered in London, S-RM works across 9 international offices, and advise companies ranging from blue-chip corporates to large financial institutions, and beyond.
To find out more about S-RM, visit https://www.s-rminform.com/
Methodology
The S-RM Cyber Security Insights Report 2023 follows on from our 2022 report, and explores the cyber security challenges faced by organisations today and how they’ve evolved over the last year. 600 senior C Suite and IT budget holders from organisations with revenue over USD 500m were surveyed from the US and UK in September 2023.
For more information, download the full 2023 report from S-RM's website here: https://www.s-rminform.com/cyber-security-insights-report-2023
Media Enquiries
Tom Stewart-Walvin
Rostrum
t.stewart-walvin@rostrum.agency
+44 (0)7855 689 302