The threat landscape is becoming more expansive and intricate, covering everything from targeted ransomware to phishing. Understanding the cyber risks your business faces can be challenging, especially if you haven’t experienced an attack firsthand. As a result, many businesses may overlook the potential severity of these risks. However, 50% of UK businesses reported falling victim to a cyber-crime between 2023-2024¹, making it clear that managing this risk is no longer just an IT responsibility, but a key issue company-wide.

This article explains what cyber-attacks are, how they occur, and the steps we can support you with to protect your business.

What are cyber attacks?

A cyber-attack is a purposeful attempt to steal, expose, modify, disrupt, or damage data, applications, or other assets by unlawfully accessing a network, computer system, or digital device. According to the UK Government’s Cyber Security Breaches Survey 2024², 50% of businesses have reported experiencing a cyber security breach or attack within the past 12 months.

 Why do they happen?

There are three main categories, with each having varying motivations:

1. Criminal

Criminal cyber attackers are driven by financial motives, aiming to profit through data breaches or disrupting business operations. Cybercriminals often use ransomware to seize data or lock devices, demanding payment from the targeted company.

2. Personal

Disgruntled current or former employees can sometimes target their company. They may take money, steal sensitive data, or disrupt a company’s systems. This is known as a personally motivated attacker.

3. Political

Political cyber-attacks occur in forms such as ‘cyberwarfare’. Since Russia’s invasion of Ukraine, companies across the UK were advised to prioritise securing their online defenses. The National Cyber Security Centre (NCSC) reported that the UK and its allies uncovered the ‘Snake’ malware threat, a key element in operations led by Centre 16 of Russia’s Federal Security Service (FSB)³. The implant has been used to gather sensitive information from targeted entities, including government networks, research institutions, and journalists, and has been identified in over 50 countries globally.

What are common cyber attacks?

Ransomware and Data Breaches

According to IBM, ransomware is the second most frequent type of cyberattack, representing 17% of all incidents⁴.

The most valuable asset that most companies hold in 2025 is their data. Whether a company relies on their systems to trade day to day or holds sensitive customer data, Cyber criminals know all too well that most companies cannot survive a ransomware attack for long. Ransomware attacks can result from something as simple as an employee opening an attachment in a seemingly normal-looking email. For a sophisticated cybercriminal, this is enough for ransomware to be installed on your network, giving the hacker the ability to not only shut down your network but also to access and leak data you hold.

Cybercriminals have shifted from demanding small ransoms to infiltrating networks for months, collecting data to sell or leak, and then using it to demand larger ransoms up to hundreds of thousands of pounds. In January 2024, LoanDepot, a prominent mortgage lender, was targeted by a ransomware attack that compromised the sensitive information of around 16.9 million customers, including Social Security numbers and addresses. Due to the disruption of operations and other effects of the cyberattack, LoanDepot faced an estimated $27 million in expenses for response and recovery efforts⁵.

Funds Transfer Fraud / Social Engineering Fraud

Almost all companies invoice clients for goods or services and work with suppliers who invoice them in return. Electronic payments can be vulnerable to cybercriminals who intercept and redirect funds to fraudulent accounts. These attacks can be perpetrated in a number of ways including:

• Social Engineering – whereby a member of your accounts team might be tricked into paying funds into a fraudulent account, following an extremely convincing call from someone pretending to be the client/supplier and advising of a change of bank details.
• Invoice Fraud – whereby an invoice attached to an email can be intercepted along the way, with the details changed to that of a fraudulent account before being released, seemingly with no discernible changes.

How can risks be mitigated?

77% of Cyber claims involve employee error, so training your staff is a crucial element of your Cyber risk management⁶. Steps can be as simple as implementing procedures, such as call-backs to a known contact before accepting a change of bank details.

Other mitigation strategies include:

• Using reputable antivirus software and firewalls – this is your first line of defense, so maintaining a strong firewall and keeping your security software up to date is critical.
• Patching (updating) – regular patching of vulnerable software is necessary to help prevent infection that takes advantage of out-of-date systems with known vulnerabilities.
• Strong passwords and multi-factor authentication – this will also reduce your risk of Business Email Compromise (BEC), which is another prolific problem and can lead to downtime, reputational impact, and large financial loss.

The NCSC has provided further guidance with actions you can take to reduce the risk of falling victim to an attack whilst the threat level is heightened here.

We are here to help

Speak with one of our experts to access a complementary cyber vulnerability assessment report and to obtain a cyber quotation here.

If you’re not sure where to start when it comes to your cyber security strategy, or you would like a second opinion to ensure your data is as protected as possible, our sister company, Specialist Risk Insurance Solutions, offer a complimentary ‘KYND’ report, which will put you in contact with an expert team that will be happy to assess your risk.

Contact us

If you are interested in understanding how a Cyber policy could help protect your business and complement your business continuity planning, speak to a member of the team on 0208 236 5350.

---

Sources

1. GOV UK: Cyber security breaches survey 2024 – GOV.UK
2. ibid. 
3. National Cyber and Security Centre: NCSC advises organisation to act following Russia’s attack on Ukraine
4. IBM: What is a cyber attack?
5. secureframe: 15 Recent Cyber Attacks & What They Tell Us About the Future of Cybersecurity
6. Khando, Khando, et al. “Enhancing Employees Information Security Awareness in Private and Public Organisations: A Systematic Literature Review.” Computers & Security, vol. 106, no. 1, 2021, p. 102267. Sciencedirect, https://doi.org/10.1016/j.cose.2021.102267

Small to medium enterprises (SMEs) are experiencing an increase in the costs of IT services. A study by Deloitte found that 59% of businesses outsource IT services to cut these costs¹, or they are managed internally by an individual or small team responsible for the business’s ‘digital estate’ and cybersecurity.

SMEs are still being disproportionately targeted by cyber criminals, with employees four times more likely to face a cyber threat than those at large organisations². Their motives include financial gain, disruption extortion, obtaining intellectual property, or to simply observe business interactions.

What should SMEs consider implementing to help their digital and cyber resilience?

It is highly recommended that SMEs and their employees develop a digital and cyber resilience strategy to ensure the necessary cybersecurity hygiene for operating in the digital domain. This strategy should be well practiced and actionable.

Lacking the fundamentals to reduce or mitigate potential cyber risks, regardless of business size, can determine whether a company contains the issue and recovers quickly, or suffers prolonged damage that hinders recovery.

Here are potential steps an SME can consider implementing (in no specific order):

• Conduct regular cybersecurity training and raise awareness of various social engineering tactics used by threat actors (e.g., emails, texts, phone calls, instant messaging).
• Regularly install security patches and enable system logs.
• Limit user permissions and controls.
• Develop an incident response, business continuity, and disaster recovery plan, supported by a monitoring tool (e.g., endpoint detection and response).
• Include an incident response retainer for proactive reviews of your environment, with support for cybersecurity incidents and threat intelligence to identify compromised user credentials on criminal forums.
• Harden the security configurations of systems, applications, and cloud services. Ensure proper role-based access, security controls, and Multi-Factor Authentication (MFA) across all platforms.
• Backup data, including offsite and separate storage, and regularly test restore capabilities. Ensure data is encrypted for added security.

In addition to having a robust response plan, every business should consider Cyber insurance. This coverage not only helps with indemnity for incurred costs, lost revenue, or third-party liabilities, but also provides access to expert breach responders who can help restore operations and protect the company’s reputation.

How we can help

Speak with one of our experts to access a complementary cyber vulnerability assessment report and to obtain a cyber quotation here.

If you’re not sure where to start when it comes to your cyber security strategy, or you would like a second opinion to ensure your data is as protected as possible, our sister company, Specialist Risk Insurance Solutions, offer a complimentary ‘KYND’ report, which will put you in contact with an expert team that will be happy to assess your risk.

Contact us

If you are interested in understanding how a Cyber policy could help protect your business and complement your business continuity planning, speak to a member of the team on 0208 236 5350.

---

Sources 

1. US Global Outsourcing Survey: us-global-outsourcing-survey-2022.pdf
2. Global Threat Intelligence Report: Global Threat Intelligence Report January-June 2024 | Mimecast

In recent years, the UK motor sector has undergone a remarkable transformation, with rapid advances in technology which has led to the rise of connected cars, electric vehicles, and autonomous driving. However, despite this digitalisation, many long-standing operational methods remain, making the industry particularly susceptible to cyber threats.

In this article, we take a look at the top five cyber security threats that currently face the motor industry and the ways in which businesses can mitigate against them.

1. Data Breaches

The automotive industry collects and stores vast amounts of sensitive customer information, including personal details, financial records, and driving histories. This data is a prime target for cybercriminals, who exploit it for identity theft, fraud, and other illicit activities. Additionally, cyberattacks can compromise valuable intellectual property, such as pricing models and customer analytics, putting companies at risk of financial and competitive losses.

2. Ransomware Attacks

Ransomware attacks pose a significant threat to business operations by encrypting critical systems and demanding payment for their release. Beyond operational downtime, ransomware incidents also result in substantial financial losses due to ransom payments and data recovery efforts, and business interruptions.

3. Vehicle Hacking

With the rise of electric vehicles, cybercriminals are finding new ways to exploit vulnerabilities in vehicle software. Remote hacking can allow attackers to take control of critical functions such as braking, steering, and acceleration, creating severe safety risks. Additionally, modern vehicles collect and transmit large amounts of data, including location, driving behaviour, and diagnostics, making them attractive targets for data theft and misuse.

4. Phishing and Social Engineering

Cybercriminals frequently use phishing and social engineering tactics to manipulate employees and customers into disclosing sensitive information. Deceptive emails, fake websites, or phone scams can trick individuals into revealing login credentials, personal data, or financial details. These attacks can lead to data breaches, unauthorised transactions, and fraudulent transfers, posing a severe risk to both businesses and customers.

5. Supply Chain Vulnerabilities

The extensive network of suppliers in the UK motor industry means that a vulnerability in one supplier could compromise the entire supply chain. Smaller suppliers with less robust cybersecurity measures are often targeted, providing attackers with entry points to larger manufacturers.

Mitigating against cyber security risks

In order to safeguard their operations, protect customer data, and maintain a strong competitive position the motor sector, businesses should consider the following ways to mitigate against the risk of cyber-attacks:

• Strengthen IT infrastructure – invest in strong cybersecurity measures such as robust firewalls, intrusion detection systems, and multi-factor authentication.
• Employee cybersecurity training – ensure your team have access to regular cybersecurity focused training with a variety of social engineering techniques, such as phishing attacks and cybersecurity.
• Cyber incident response and recovery plans – Develop and regularly update a cyber incident response plan to ensure you know what to do in the event of an attack.
• Compliance with data protection and privacy measures – Ensure that your business is compliant with GDPR and other relevant regulations to protect customer data.
• Invest in cyber insurance – As well as providing protection in the event of a cyber-attack, a cyber insurance policy goes further and provides access to specialist assistance with advice about the payment or non-payment of ransomware demands and the costs associated with responding to regulatory bodies and IT forensic investigations.

By implementing these measures, businesses in the motor sector can significantly reduce their exposure to cyber threats while ensuring the safety and security of their vehicles, customers, and operational infrastructure.

To find out more about cyber insurance, please get in touch with a member of the Hamilton Leigh team on 0208 236 5350 or email info@hamiltonleigh.com

In our latest ‘Difficult. Done Well’ case study, we take a look at how Jason Cohen, Executive Director at Hamilton Leigh, helped the CEO of a big technology business carry out a full insurance health check of their business, which led to them enhancing cover without any additional cost to the client.

Background & challenge

Jason was introduced to the CEO of the large technology consultancy business by Matt Grimsdale, who was their consulting CFO. Matt explained that the client was keen to have an insurance review due to the lack of interaction they had from their incumbent insurance broker.

In order to carry out a comprehensive review of the client’s current insurance programme, Matt provided Jason and his team an insight into the background of the company, their operations and the types of clients they work with. Matt also provided Jason with all of the client’s current insurance documentation so that he and his team could review. After carrying out a thorough review, Hamilton Leigh arranged a meeting in London with the client to go through their findings.

Solution

With the client being a tech focussed business, two core fundamental covers they had were Cyber insurance and Professional Indemnity.

When carrying out their review, Jason and his team were able to ascertain that the Cyber insurance limit was unusually low, considering they are an organisation that would rely heavily on their network infrastructure to trade efficiently. Further to this, their Professional Indemnity, whilst in place, had a gap in coverage, specifically in relation to ‘Breach of Contract’ cover, which is a vital aspect of insurance for technology businesses.

During their meeting in London, Jason asked the CEO:

• What did their current relationship with their existing insurance broker look like?
• How did their current renewal process work?
• What was their understanding of the insurance marketplace for their risks?
• How often did their incumbent broker catch up with them on a regular basis to understand what was going on in the business and if their insurance provision needed to be adapted?

The CEO told Jason that they had never met their broker.

Outcome

Following their discussion around the client’s coverage and the service proposition that Hamilton Leigh provides, the client concluded that he would like to work with Hamilton Leigh.

Upon appointment, Jason and his team were able to include and enhance cover without affecting the cost to the client. Subsequently, this business went on to sell and cited that having the correct insurances in place, alongside a responsive insurance partner like Hamilton Leigh, supported their due diligence process with the acquirer enormously.

“From the outset, Jason and the Hamilton Leigh team demonstrated a deep understanding of the various insurance products available and took the time to explain the nuances of each option. Their professionalism and attention to detail made the complex process of selecting the right coverage straightforward and stress-free, especially at a time where the business was experiencing significant change.

What truly sets Jason and Hamilton Leigh apart is their dedication to client engagement and empathy. They are always responsive and willing to go the extra mile to ensure that we have the best possible coverage at the most competitive rates.

Thanks to Jason’s guidance, we feel confident and secure in our insurance choices. His expertise has not only helped us protect our assets but also provided us with peace of mind, knowing we are well-covered.

I would highly recommend Jason and Hamilton Leigh to anyone seeking knowledgeable, reliable, and trustworthy insurance brokerage services. Their commitment to excellence and client-centric approach makes them a standout professional in their field.”

CEO of Tech Consultancy Client

Here to help

To find out more about how we could help support the insurance needs of your technology business, take a look at our dedicated page here and contact us on 0208 236 5350 or email JasonCohen@hamiltonleigh.com

Research undertaken by RebuildCostASSESSMENT.com has revealed that four in every five buildings they survey are underinsured by an average of 37%. It is a growing risk that is affecting buildings, machinery, plant, and other contents which concerns private individuals and businesses of all types and sizes.

If you have not had a professional insurance valuation in the past five years, it is highly likely that your property will be underinsured. You could face serious consequences if you have to make a claim and it is discovered that you do not have the correct level of cover in place. If this was the case, your policy will not operate as intended, delivering less indemnity than needed following a loss.

To help you understand the risks of underinsurance, our sister company, Specialist Risk Insurance Solutions, have published a guide that:

• Explains why we are seeing more underinsurance
• Outlines the implications of underinsurance
• Discusses the actions you should take to prevent underinsurance
• Offers guidance on things to consider when choosing your valuation assessor

Download the guide:

If you would like to discuss this in more detail with a member of our specialist team, please get in touch for an introduction to one of our Commercial insurance experts.

The risk of underinsurance is often overlooked due to cost-saving, however, it is crucial to understand the significant consequences that underinsurance can have on your business.

Businesses operating in the automotive, technology, manufacturing and property sectors have complex insurance requirements and therefore, taking a proactive approach to underinsurance is vital.

To avoid underinsurance, businesses can take proactive steps to ensure that their insurance coverage adequately reflects their needs and potential risks.

Insuring your commercial property for an incorrect value, or setting your limits too low results in underinsurance, which can have serious and often devastating consequences for businesses.

Insuring your commercial property for an incorrect value or setting your limits too low results in underinsurance, which can have serious and often devastating consequences for businesses. Therefore, in the unfortunate event of a claim policies will not operate as intended, delivering less indemnity than needed following a loss. Ultimately, this could put a business’s ability to recover in jeopardy.