Proactive cybersecurity strategies play a key role in tackling growing ransomware threats and in effective cyber risk mitigation.

Author: Tom Mooney


Over the years, the threat of cyber attacks has grown. However, despite the average cost of recovering from an attack standing at £21,000, many businesses do not have a formal cybersecurity incident management plan in place1. Furthermore, around 50% of UK businesses reported a cyber attack in 2024, and just 31% of businesses and 26% of charities carried out a cyber security risk assessment. This is concerning: it reveals that businesses are not adequately protecting themselves against a cyber event and, because they are unprotected, may be left footing some of the costs.

Cyber criminals are continually evolving their tactics and methods of attack, meaning it is difficult for businesses to keep themselves protected. A recent report revealed that only 25% of organisations believe they were not hit by ransomware in 2023, whilst 49% attest they were hit between one and three times that year2, meaning that these types of attacks are a growing issue for many businesses. Cyber criminals carry out ransomware attacks by gaining access to a business’s devices and systems, and any data stored on them, and encrypting files. They usually lock any devices they access or encrypt data, so that a business is unable to recover any data that it owns.

One of the most prolific ransomware groups is RansomHub, which gained notoriety in 2024 following high-profile attacks. RansomHub is a ransomware-as-a-service (RaaS) affiliate program which has developed a piece of ransomware technology and leases it to affiliates, who then carry out attacks. Attackers use RansomHub’s software to break into a business’s systems, extract sensitive data, and then encrypt the organisation’s systems so that only they have access to the data. The affiliates carrying out the attack claim the majority of the ransom amount and hand over the rest to RansomHub. From there, businesses are forced to pay a ransom in exchange for decryption of the data that was stolen. In addition, cybercriminals may threaten to leak sensitive data that was stolen, which could cause substantial reputational damage to an organisation3.

Ransomware attacks impact all sectors and businesses of varying sizes. RansomHub has provided criminals with easier access to a means of attack, meaning that a higher number of businesses could find themselves on the receiving end of an attack. There is a range of things that businesses can do to protect themselves against ransomware attacks. An important step to consider is putting in place multi-factor authentication (MFA), which provides an additional layer of protection when signing into systems. MFA strengthens security by requiring users to provide at least two pieces of evidence, or authentication factors, to prove their identity. By requiring multiple authentication factors, MFA provides a higher level of assurance about the user’s identity. Even if one of the factors has been compromised, the chances that all of the factors have been compromised are low.

Having robust preventative measures in place is key when it comes to cyber threats. Gallagher’s dedicated cyber risk management team works closely with clients to pinpoint areas of vulnerability, reduce the likelihood of a breach, and give them the tools they need to get back up and running with as little damage as possible if one does occur. Gallagher’s Cyber Defence Centre provides businesses with access to cyber-attack mitigation strategies and defences so that they can stay protected and, should the worst happen, get back up and running following any disruption that has occurred.


Sources

1. “UK Cybercrime Statistics 2025,” Twenty Four IT Services, 2 January 2025.

2. “EMEA Ransomware Attack Insights from 2024 Ransomware Trends Report,” Veeam Insights, accessed 7 February 2025. Gated file.

3. “Ransomware - A guide to ransomware,” National Cyber Security Centre, gov.uk, accessed 7 February 2025.


Disclaimer

The sole purpose of this article is to provide guidance on the issues covered. This article is not intended to give legal advice, and, accordingly, it should not be relied upon. It should not be regarded as a comprehensive statement of the law and/or market practice in this area. We make no claims as to the completeness or accuracy of the information contained herein or in the links which were live at the date of publication. You should not act upon (or should refrain from acting upon) information in this publication without first seeking specific legal and/or specialist advice. Arthur J. Gallagher Insurance Brokers Limited accepts no liability for any inaccuracy, omission or mistake in this publication, nor will we be responsible for any loss which may be suffered as a result of any person relying on the information contained herein.