Cyber attack levels are consistent despite the high profile of some

Despite a number of recent high-profile cyber incidents making headlines in the UK, the actual volume of attacks has remained largely consistent, Tom Draper, managing director of cyber insurance provider Coalition, told AIRMIC Today.

Draper stressed that cyber threats are ever-present; the real shift has been in their visibility and impact. “There’s almost a continual level of attack. This is cyber-criminal activity. The criminals need to make money on a consistent basis – so the attacks are constant.” 

He said the recent surge in public awareness is due more to the visibility of the attacks than a genuine increase in volume. “In the last two to three months, the incidents have been more high-profile and more visible to the UK public.”

In 2021, Coalition launched a captive to begin taking risk on its cyber insurance programmes, a move it said enhances its ability to manage capacity and its long-term growth objectives while further aligning incentives with its customers. 

It followed this in 2023 by launching Coalition Insurance Company (CIC), a wholly owned admitted insurance carrier, which provides expanded capacity for Coalition’s Active Cyber Insurance, which combines cyber coverage with digital tools to monitor and manage risks and offers access to Coalition’s incident response services.

Draper cited recent disruptions to major UK retailers as a key reason for this shift in public perception. “That’s bringing home cyber-attacks in a far more real way than just not being able to use a website.”

The evolving landscape has prompted renewed scrutiny among businesses, particularly large UK plcs. “What we’re going to see, and are already seeing, is increased focus on cyber risk management,” Draper said. 

“During Covid, we all realised we work for digital companies. Then the world returned to normal, and many companies went back to operating as they always had. Now, there’s a renewed sense of urgency.”

Importantly, Draper noted that recent attacks have not used novel or sophisticated techniques. “None of the attacks have exploited zero-day vulnerabilities. They’re exploiting well-known issues – either through human error, such as password resets at IT service desks, or long-standing vulnerabilities. It’s not a matter of awareness – it’s about priorities and resources.”

The complexity of cyber risk management lies partly in the communication gap between business units, risk teams, insurers and cybersecurity professionals. “You're talking insurance, you’re talking risk and you're talking cybersecurity – each of those areas uses different languages and focuses on different priorities,” Draper said. “It’s hard to bring them together at the best of times.”

Adding to the challenge is the loss of institutional knowledge due to staff turnover and retirement, exacerbated by the pandemic and other recent crises. “There’s been a lot of change, and that’s hard to replicate. These high-profile events force companies to ask, ‘What do we do now?’”

However, Draper also sees promise in the next generation of professionals entering the field. “Younger talent is more technologically literate – they’ve grown up with smartphones and digital solutions. That’s a positive, but they also push for new technologies that can expose businesses to new risks.”

Ultimately, Draper concluded, “Cyber risk is not static – it’s constantly evolving. Businesses are on a journey, and cyber is part of that journey. It requires continuous reassessment, better communication and a proactive approach to risk management.”

For more news from AIRMIC Today, click here.

Did you get value from this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.