Only a third of British businesses have a financial plan in place in case of a cyber attack, according to a survey at Lloyds Bank. Meanwhile, only half of companies discuss the risk of cyber attacks at board level.
The survey found that, if attacked, over a third of firms would pay a ransom to get their data back, but only a quarter had dedicated cyber insurance.
Read more: Most global firms have no clue what a cyber attack will cost them
“A common problem faced by businesses is failing to understand the full financial impact of a cyber-attack,” said Giles Taylor, head of data and cyber security at Lloyds commercial banking.
“Our findings highlight the fact that organisations are not considering all of the knock-on effects of a cyber-attack and don’t always have sufficient financial plans in place.”
Other results from the survey show that 65 per cent of companies thought it would take them six months or more to recover from a disruptive cyber attack. Meanwhile, eight out of 10 business leaders said they were concerned or very concerned about the financial implications of a cyber attack.
Read more: Cybersecurity start-up edges closer to unicorn status
The findings come just a few months after the head of the UK’s National Cyber Security Centre warned that a major cyber attack was a matter of “when, not if”. Last year’s WannaCry ransomware attack is estimated to have cost some £6bn globally.
A report from Lloyds last year found that a wide-scale, international cyber attack could cost as much as £41bn in economic losses. “The world is moving quickly and the reality today is that the economic impacts of cyber security can no longer be ignored,” said Taylor. “Until recently cyber has been seen as a problem for the IT department to manage but when the worst happens, the whole business suffers.”