Small businesses across the UK are counting the cost of not having insurance policies protecting them against the increasing risks of cyber attacks or data breaches, says H&H Insurance Brokers. As small or medium sized enterprises (SMEs) are being targeted by cyber criminals because more employees are working from home, companies across the country are thousands of pounds out of pocket by not having cybersecurity insurance cover.
Figures from the UK Gov Cyber Security Breaches Survey 2022 showed that 39% of SMEs reported cyber breaches or attacks in the space of 12 months, with the average cost of the breaches estimated at £4,200. It was revealed a large percentage of SMEs do not have insurance policies covering them from such breaches and the most common objection to purchasing insurance is that the companies have ‘good IT security’ in place so don’t think they are at risk of cyber attacks.
Luke Conn-Goodman, an account executive at H&H Insurance Brokers which works across the north of England, south of Scotland and Wales, however, said that IT security does not fully protect a business and there is no financial reimbursement if cyber criminals successfully breach the business’ digital security.
He said: “Not purchasing a cyber insurance policy because you have good IT security is similar to suggesting that an organisation doesn’t need theft cover on a property policy because you have high quality locks on your doors, or you don’t need fire cover because you have a new sprinkler system in place.
“There is a big difference between vulnerability and risk. No matter how much a company invests in IT security, they will never be 100% secure.
SMEs TEND TO BE TARGETED
While security breaches at large, major companies grab the headlines, SMEs are the most common victims of cyber attacks as they are deemed an easy target for cyber criminals. The rewards may be smaller financially, but they are viewed as ‘low-hanging fruit’ due to lack of resources to protect themselves.
A common pitfall for businesses is to purchase the cheapest cyber insurance policy or meet the minimum cyber security requirements specified by an insurer, however it is essential that SMEs ensure they have adequate cover to protect in all scenarios. Businesses which adopt good cybersecurity practices can significantly reduce insurance premiums, and it is recommended companies construct a cyber incident response plan to alleviate such risks.
Advice from trained insurance brokers is advised to ensure SMEs fully understand which cybersecurity insurance policies would best suit their business, and ensure they’re fully protected if they become a victim to cyber criminals.