The enduring impact and escalating costs of cyber attacks for UK businesses are becoming increasingly evident.
Hiscox’s new data reveals that the long-term brand and commercial damage resulting from breaches has more than doubled in the past year, highlighting the growing risks in an AI-driven threat landscape, as reported by City AM.
In its most recent cyber readiness report, Hiscox discovered that 47 per cent of companies affected by cyber attacks in 2024 reported increased difficulty in attracting new customers, a figure more than double the 20 per cent recorded in 2023.
Customer loss surged from 21 per cent to 43 per cent, while brand-damaging bad publicity rose from 25 to 38 per cent.
Marks and Spencer could potentially become a case study in reputational fallout, following a significant breach in April that disrupted its operations for weeks and exposed customer data.
Analysts have estimated that the FTSE 100 retailer lost over £60m in online sales, while its share price has dropped approximately £1.3bn in value.
M&S is anticipated to claim up to £100m from its cyber insurance policy.
Brand trust and business partners at risk
Risks to businesses extend far beyond lost sales.
One in five firms impacted by cyber attacks in 2024 lost business partners, according to the report – a significant increase from 16 per cent the previous year.
The findings illustrate how cyber vulnerabilities are now affecting long-term commercial relationships.
“All businesses are at risk of cyber attacks, particularly as threats evolve in line with AI developments”, warned Alana Muir, head of cyber at Hiscox. She emphasised the importance of cyber insurance, stating it “Cyber insurance not only provides financial protection in the event of a breach but also gives businesses the resources to recover swiftly”.
The growing influence of generative AI is adding to the complexity of the issue.
Durgan Cooper, chair of tech firm CETSTAT, cautioned that AI is “lowering the barrier to entry” for cyber criminals, facilitating faster and more personalised attacks.
With 34 per cent of firms confessing their security has been compromised due to a lack of tech expertise, readiness is falling behind the escalating threat levels.
