Cyberattacks pose a major risk to business reputation and brand trust, a new report by Bermudian-based Hiscox has revealed.

The organisation’s annual Cyber Readiness Report said 67 per cent of organisations had experienced more cyber incidents in the past 12 months than the previous year.

Among the businesses impacted by cyberattacks, almost half (47 per cent) reported considerable challenges in attracting new customers, compared with 20 per cent the previous year.

This was closely followed by loss of existing customers at 43 per cent (2023: 21 per cent), bad publicity for the company at 38 per cent (2023: 25 per cent), and loss of business partners at 21 per cent (2023: 16 per cent).

Hiscox said concerns about reputational damage were also influencing businesses’ decisions to make ransomware payments.

Over the past 12 months, the top three reasons organisations paid ransoms were: to protect their customer data; to protect their reputation; to recover their data because they did not have any back-ups.

However, paying a ransom did not guarantee the safe return of information, with only 18 per cent of businesses managing to fully recover their data.

Eddie Lamb, the chief information and security officer at Hiscox, said: “In today’s business environment, protecting the reputation of any business is just as critical as safeguarding the physical assets.

“Businesses will spend not only years but also thousands if not millions of pounds building their reputation, only to see it destroyed in minutes following a cyberattack.

“It is vital that businesses continue to foster an environment where cyber education is a continuous process, ensuring every member of the organisation understands the critical role they play in maintaining cybersecurity.”

The report said that the adoption of new technology was also contributing to the rise in cyberattacks.

As businesses start to introduce new technologies at a rapid pace, the vulnerabilities they face also increase.

Seven in ten of the businesses surveyed said they had already integrated generative artificial intelligence into their daily business activities, with more than half (56 per cent) believing it would significantly impact their cybersecurity risk profile.

Despite this, many businesses are underprepared: 34 per cent admit that their cybersecurity measures are compromised due to a lack of expertise in managing the risks associated with emerging technologies.

The report said businesses were increasingly recognising the link between cybersecurity and innovation. A quarter (26 per cent) of businesses identify the role of cyber-risk management in supporting innovation as one of the main drivers of their cyber-risk management plan.

Mr Lamb added: “Businesses need to see technological innovation and cybersecurity as complementary, rather than conflicting, forces.

“Business leaders will need to continue to invest in attracting the right expertise to manage emerging technology risks if they are to not just survive but thrive in a world of expanding technologies with their reputations intact.”