A study released on Tuesday by specialist insurer Hiscox revealed that nearly three-quarters (73%) of firms face major shortcomings in cyber security readiness. The US topped the list in cyber expertise, with 13% ranking as ‘cyber experts’ compared to 11% of global respondents, according to the study.

Almost half (45%) of businesses surveyed globally reported at least one cyber attack in the past year; two-thirds of those targeted suffered two or more attacks.

The report revealed that more than half (52%) of US small businesses say they have no intention of securing cyber insurance, while only 9% of their larger counterparts say the same. Fifty-eight percent of US companies with more than 250 employees have cyber insurance, while only 21% of US companies with fewer than 250 employees can say the same,

As firms increasingly recognize the dangerous impact of a cyber attack, it necessitates the demand for protective and preventive resources. Almost 60% of survey respondents believe their overall cyber security spending budget will increase by five percent or more. The average IT budget of survey respondents in the US is $11.65 million, with 10.6% being devoted to cyber security.

“As threats become more advanced and sophisticated, cyber readiness is no longer a ‘nice to have’ but a ‘must have’ for businesses of all sizes,” said Dan Burke, Vice President and Cyber Product Head for Hiscox in the US.

“There needs to be a dedicated investment, and not just a financial one, in order prevent, detect and mitigate cyber attacks. Beyond the allocation of funds, an organization must focus on its people, its thinking and its processes, in order to become a cyber expert.”

The Hiscox Cyber Readiness Report 2018, which gauges how prepared businesses are to manage cyber threats, surveyed department managers, IT specialists and key professionals at more than 4,100 small to large companies in the US, UK, Germany, Spain and the Netherlands.