Cybersecurity has been climbing up the list of priorities for private corporations and public entities to become the main concern for most companies and governments, which must deal with the complex balance between the necessary digitalization and the ability to prevent the entry of cyberattackers. For that reason, 63% of Spanish companies have coverage for cyber incidents, either with a specific policy for it (26%) or with a much more basic protection as part of another general insurance (37%).
While it is true that cyber-attacks have been with us practically since the dawn of computing, and that in recent years they have gradually become more important, it is only in the wake of the pandemic that they have really taken hold in society. In fact, more than half of Spanish companies (53%) have already been victims of a cyber-attack, according to the Hiscox 2021 Cyber Preparedness Report, which is why those that did not have the support of an insurer in this area are making plans to include it: 12% have plans to take out a specific cyber policy and another 7% want to include this coverage in their existing insurance policies. This increase in investment is possible because, aware of the risk, companies have also increased the item in their IT budget earmarked for cybersecurity (22% in 2021 compared to 15% in 2020 and 9% in 2019).
However, although they only represent 18% of the total, companies that have no plans to take out any type of coverage at a time of maximum exposure to attacks are of particular concern. In Spain alone we have witnessed numerous attacks, such as that of the Public Employment Service at the beginning of the year, that of the Ministry of Labor months later, that of MediaMarkt days before a key date for retailers such as Black Friday, and a long list of companies and public institutions that have seen their activity put in check by cyber-attacks.
To try to prevent them in the future, or to mitigate their effects if they cannot be prevented, training is essential, both for managers and for all employees involved in the value chain. It is not enough to have sufficient technological infrastructures if employees continue to be the main entry point for attacks due to their lack of knowledge, for example, of how to correctly identify a phishing attempt. In this regard, there is still a long way to go in Spain, because 35% of companies in the country are cybernovices and only 9% can be considered cyber-experts in terms of their ability to ensure the resilience of the business in the shortest possible time after a cyberattack.
In fact, there are currently a multitude of initiatives aimed at improving these rates, especially in the case of SMEs, where "cybernovatism" is as high as 54%. One of the most important is the "Digital Kit" program announced by the Government, which provides for an investment of more than 3,000 million euros in the digitalization of small and medium-sized Spanish companies and the self-employed. And specifically with regard to cybersecurity, the Spanish government plans to invest 244 million in cybersecurity through INCIBE, which is the largest innovative public procurement in Europe in this area.
Cybersecurity is also set to play a leading role in 2022 within companies and public institutions, so it is essential to work in the present to develop sufficient tools to protect us from the cyberattacks of the future.
In Grupo Galilea we offer the best cyber risk insurance tailored to your needs, if you want more information click on the following link:
Cyber Risks Insurance
Source: SegurosNews