CFC, a leading global underwriting firm providing insurance related to cyber security has revealed in its latest report that UK firms are having a lower level of maturity than their US counterparts when it comes to cyber security.
The claim was made by the underwriting firm based on the analyzed figures which revealed UK organizations made an incommensurate high number of claims in 2016 when compared to the firms operating in the United States.
The survey figures of CFC policy were as follows- 31 percent privacy breaches accounted for the biggest number of claims, followed by the financial loss of 22 percent, ransomware 16 percent. Malware accounted for 7 percent claims and DDoS attacks were 5 percent. Business disruption and illegitimate access accounted for 4% and 5% each.
The survey was taken up by the firm which offers cyber insurance to more than 40,000 companies discovered that vast majority of claims i.e 90% of them were made by organizations with an annual income of less than £50 million.
What’s more amusing is the fact that claims on policies made in this year were up by 78% than the previous year. This clearly suggests that breaches are occurring on a regular note. But most of them are not being publicized due to the absence of mandatory breach notification laws which otherwise exist in the United States.
However, coming days will surely witness a change in this trend as the European Union is said to introduce European General Data Protection Regulation, shortly called as GDPR in 2018. The new regulation will help in having a better idea of the breach numbers occurring in the UK.
Meanwhile, the Payment Card Industry Security Standards Council estimates that UK firms will have to pay fines in excess of £120 billion under the new laws, if in case, the incidents stay as per the predicted stats revealed by the PwC Information Security Breaches Survey.
If the above said occurs, then GDPR will start imposing 4 percent more fines based on the global annual turnover of £18 million or £20 million.
This fine slapping trend could easily fuel up the cyber security maturity levels in the whole UK.