The latest from GlobalData;
With the risk of high-profile cyberattacks continuing, GlobalData figures show that small and medium sized enterprises (SMEs) in the UK are aware of the higher risks they face than those before the pandemic however, many still remain uninsured. The last month has seen both Revolut and Holiday Inn fall victim to cyberattacks, and it is clear that UK businesses are concerned about this.
GlobalData’s 2021–22 UK SME Insurance Surveys found that many SMEs in the UK believe the level of cyber risk they face has increased since the pandemic. Close to a third of respondents across both surveys felt that cyber risks had either increased or significantly increased. There was a slight rise in SMEs indicating they faced more risk in 2022, with ‘increased’ and ‘significantly increased’ accounting for a combined 32.7% of respondents in 2022, compared to 30.7% in 2021.
Ben Carey-Evans, Senior Insurance Analyst at GlobalData, comments: “This degree of concern is likely to have been increased by high-profile businesses in the UK continuing to fall victim to cyberattacks. Holiday Inn announced it had been hit on September 7, 2022, which stopped its online systems from working. Similarly, digital bank Revolut announced it had been a victim on September 20, 2022. This saw a third-party gain access to a small (0.16%) proportion of its customers’ data for a period of time.
“These prominent attacks will raise awareness among SMEs that anyone can be targeted and that cyber attackers can cause disruption in a range of different ways. Larger businesses are also more likely to have more robust IT systems in place, so it is likely to be easier to attack an SME.”
Cyber insurance penetration remains low (only 56.2% of medium businesses, 40.0% of small businesses, and 16.8% of micro businesses had a cyber insurance policy in 2022), according to GobalData’s 2022 UK SME Insurance Survey, despite many businesses across the country knowing they face a higher risk than ever before.
Carey-Evans concludes: “Insurers therefore need to show they can help businesses stop attacks by offering preventative coverage, including security systems and staff training, which would make the often-expensive premiums worth paying.”