NFU Mutual Sounds Warning to SMEs On Cyber Risks

24 February 2025 alastair walker Insurance Brokers 0

The latest from NFU Mutual, who have useful advice for many small businesses looking to avoid being hacked, and secure their financial and customer data.

With more than nine in 10 small businesses using digital tools to operate day-to-day, the risk of cyber-crime is an ever-increasing worry.

That is why commercial insurer NFU Mutual is urging Small and Medium Enterprises (SMEs) who may not think they are vulnerable to online criminals to take simple and efficient steps to keep themselves protected.

The message comes after the latest Intuit QuickBooks Small Business Index Report showed 95% of small businesses say they use digital tools in their daily operations.

More than half surveyed said they use it for accounting software, six in 10 have a business website and over a third have digital HR or payroll platforms. All of these – and more – can be targeted by cyber criminals no matter the size of the operation.

NFU Mutual research in 2024 found that over half (53%) of retailers had fallen victim to cyber issues, with an alarming eight out of 10 in the motor trade industry having been affected by this type of crime at one time or another. Almost a quarter of tradespeople – an industry containing multiple small businesses and sole traders that wouldn’t typically be associated with digital crime – had suffered a cyber-attack or cyber incident in the last 12 months, the research showed.

James Trevis, NFU Mutual’s cyber specialist, said: “Small businesses are increasingly reliant on digital tools, but often lack the resources to defend against cyber-crime. This makes them prime targets.

“Whilst this risk cannot be eliminated, it can be mitigated through positive action. This should include good cyber security hygiene – including two factor authentication on critical applications – but also planning for the worst.

“Cyber Insurance is likely to be a cost-effective measure to support response and recovery from a cyber incident and many modern policies are now full of preventative solutions and support for small customers. Action on cyber risk is not a luxury; it’s essential for protection.”

Further research from the Office for National Statistics shows there are 5.6million SMEs in the UK, which contribute more than £2.6trillion in turnover.

Commercial insurer NFU Mutual has highlighted the following digital technology that would be at risk for small businesses:

  • The use of computers and software including email and other applications to communicate with customers, order materials and sell products
  • Servers or digital storage facilities to hold customer and employee data
  • A website to promote your business and sell products
  • The use of online banking to transfer funds, purchase suppliers and receive payment from customers
  • Internet connected devices – such as office computer networks, CCTV and lighting

To help protect your small businesses, NFU Mutual recommends the following 10 steps:

  1. Install a firewall and anti-virus software on all company devices and keep them updated
  2. Use strong passwords – but crucially don’t use the same log in details or passwords across multiple accounts and services, always separate personal and business accounts
  3. Implement Two Factor Authentication (Multifactor Authentication – MFA) – this is a simple method which requires two different methods to ‘prove’ your identity before you can use a service, generally a password plus one other method such as a text message or fingerprint
  4. Ensure all software is up to date and kept updated on a regular basis
  5. Back up your files and data weekly and store on a separate, secure device
  6. Educate employees around cyber-crime, including how to spot potentially dangerous or fraudulent emails or websites
  7. Make sure factory set passwords such as those on hardware like routers and other connected devices are changed periodically and equipment is set up with security in mind
  8. Where appropriate, use a Virtual Private Network (VPN) when allowing employees access to company systems remotely. Ensure this too is protected by Two Step Verification
  9. Don’t neglect physical security – ensuring all company devices are securely stored and locked away when not in use is just as important.
  10. Have a Business Continuity Plan (BCP). This should outline the steps necessary to respond to a cyber incident and help speed up recovery. Crucially this should include a list of vendors (IT, Legal etc) you can call upon at short notice. A cyber insurance policy can provide access to these specialists and pay their costs.

Find out more about NFU Mutual’s cyber insurance: https://www.nfumutual.co.uk/business-cyber-insurance/

About alastair walker 19731 Articles
20 years experience as a journalist and magazine editor. I'm your contact for press releases, events, news and commercial opportunities at Insurance-Edge.Net
Twitter

Related Articles

Big Data

Qomplx Calls For Industry Standards on Data

25 March 2021 alastair walker Big Data 0

QOMPLX™, the leader in cloud-native risk analytics, is establishing an open initiative to encourage improved transparency and consistency in data across the insurance industry. This will also improve collaboration and interoperability. QOMPLX is curating and […]

News

Admiral Launches Standalone Pet Insurance Brand

15 August 2022 alastair walker News 0

Admiral Pet Insurance has officially launched, making it the 4th insurance product to be underwritten by Admiral alongside Motor, Home and Travel Insurance. Customers could previously buy pet insurance through the brand via a third party, […]

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.