Is Your SME Covered for a Cyber Attack?
Cyber risks are the number one threat to SME’s today and over half of those which suffer some form of cyber attack, never recover and go out of business within 6 months!
Cyber security incidents cost the average small business £25,700 last year in direct costs (e.g. ransoms paid, and hardware replaced). Indirect costs such as damage to reputation, the impact of losing customers and difficulty attracting future customers, remains unmeasured but is expected to significantly exceed this.
It may be the high-profile cases featuring large enterprises that make the headlines, but the truth is, it’s far easier for hackers to get results from smaller businesses.
SME business owners are busy running their businesses. They tend to hold at arm’s length anything that they either don’t fully understand or that they don’t see immediate value in…because they have to focus on what they know and do best.
IT is too often something that they either do themselves or rely on friends, family or other members of staff to look after. The more enlightened ones employ the services of local IT providers – but the majority see IT as a necessary evil and rarely invest what they should.
Often those charged with looking after a company’s IT systems and infrastructure are not IT experts and they are most definitely not cyber security specialists.
But even if you had an infinite budget, employed a crack cyber team and installed every solution available, it still wouldn’t guarantee absolute security against a cyber-attack or data breach. If the biggest businesses in the world are fallible, what chance does the average SME have?
It really is a case of when, not if!
There are two key aspects to surviving in the increasingly cyber risky landscape:
- Prevention, through adequate investment in IT and increased education, training and policies
- Insuring you are adequately insured in the event a breach does occur.
We’ve covered the importance of number 1 in other posts, so here we’re going to focus on cyber insurance for SME’s, which, when you consider that 75% of SMEs have no cyber insurance whatsoever, it’s a pretty important subject.
- Cyber insurance buyers fall into 3 camps:
- Companies which have suffered a breach
- Companies which are simply ahead of the curve in managing their risk
Phantom Insured – those who mistakenly believe they are covered for cyber through existing policies
According to a HM Government report, amazingly over 50% of SMEs fall into the phantom category! They are under the mistaken impression that their current business insurance policies cover them for cyber attacks.
For some, that could well be the case, but our advice is to make certain now and to not wait until you are hit by a cyber attack and need to make a claim.
But, as we know, insurers don’t make it easy and their policy wordings are often difficult to understand and, unless you read them thoroughly, tend to include exclusions that only become clear when your claim is declined. Cyber policies have been likened to ‘Swiss cheese’ in their exclusions of cover so our advice is to work with a specialist broker who had a deep understanding of the SME sector.
We help SME owners across Yorkshire and beyond understand the risks to their business from cyber threats and work exclusively with a cyber insurance broker to provide free insurance policy reviews of their existing insurance and, where required, offer more suitable cover for those not adequately insured.
If you’re worried your SME might be at risk from a cyber attack, or may not be adequately insured, get in touch right away.