Finance and insurance firms investing most on cyber security 2019

  • Finance and insurance firms invested the most on cyber security in 2018-19, at an average of £22,050 – a 23% increase from 2017-18
  • Businesses in health/social care/social work spent the second highest amount (£16,800) on cyber security– an astonishing 506% rise compared to year before
  • Firms in food and hospitality spent the least on cyber security in 2018-19, at an average of just £1,080 – despite this, marking a 20% increase from 2017-18

The prevalence and severity of cyber-attacks/breaches has damningly increased over the last few years. This year alone (2019), 55% of UK firms have already faced a cyber-attack and losses from breaches have accounted to a shocking £176,000 on average, according to statistics from insurance provider Hiscox.

Just this month (November 2019), one of the most prolific targets was the Labour Party – where hackers deployed two large-scale cyber-attacks across the political parties’ digital platforms.

Interested in how serious businesses are about cyber security, Specops Software analysed the latest findings from to see how much 1,091 UK firms from a range of sectors have invested in cyber security during 2018-19 (April 2018 – March 2019).

Additionally, 2018-19 cyber security investment figures where compared to 2017-18 (April 2017 – March 2018), to see if year-on-year cyber security investment had increased or decreased for each of the reviewed sectors.


Specops Software found that finance and insurance firms have invested the most on cyber security, at a significant £22,050. This represents an increase of 23% from the previous year (2017-18), where finance and insurance companies were spending £17,900 on average.

Thereafter, firms in health/social care/social work invested the second highest amount on cyber security at £16,800. From the considered sectors, it marked the biggest rise (an astronomical 506%) in cyber security spending when compared to the year before (2017-18) – where the average outlay was only £2,770.

Contrastingly, businesses in the food and hospitality industry invested the least financially, at an average of just £1,080. Despite the low sum, it was still an increase of 20% from 2017-18 – when firms within the sectors were spending £900.

Investing slightly more than the food/hospitality sector, entertainment/service/membership firms splashed out an average of £1,940 on cyber security in 2018-19. An astounding surge of 152% in contrast to 2017-18 – where cyber security investment was a mere £770.

Darren James, a Cyber Security Expert from Specops Software commented:

“As cyber-attacks/breaches become more frequent and complex, cyber-security has to be a high priority for firms. Otherwise they face the huge risk of leaving their website and digital communication platforms exposed to devasting cyber-attacks/breaches. So key decision makers need to carefully understand and manage their online eco-system to ensure it consistently has the adequate defenses in place to protect against varying cyber threats. In addition to this, education as well as governance on cyber security for employees can play an essential role in protecting critical functions from being targeted/compromised”.

Specops Software’s top three tips for effectively maintaining high cyber security standards

Review IT Estate

Carry out a regular assessment of IT systems to identify any vulnerabilities that maybe targeted and exposed by opportunistic cyber-criminals.

Education and Governance

Create a formal document which establishes the firm’s best practices and policies on cyber security. Within this, give employees clear guidance on what they can and cannot do on the company’s IT devices/systems/networks.

Safeguard and Protect

Keep anti-virus software up-to-date, apply the latest security patches and periodically change passwords across IT estate.


Credit –