The word from Coalition on cyber events suffered by UK SMEs, it’s quite a common risk;
Coalition, the world’s first Active Insurance provider designed to help prevent digital risk before it strikes, today released a new survey revealing that nearly three-quarters of UK SMEs have been impacted by a cyber incident in the last five years. The research also shows that many businesses (35%) that previously had standalone cyber cover no longer do. Of those who decided against buying standalone cover, 35% said it was because they believed they had sufficient cyber cover under their wider commercial insurance policy.
Tom Draper, Coalition’s UK Managing Director, said: “Our research shows that many SMEs shifted their insurance priorities away from cyber insurance cover during the hard cyber market, and have not returned since the market has improved its offering.”
“However, this year, it’s been difficult to avoid seeing the consequences of a cyber attack, with big brands and high-profile organisations hit with disrupted operations and large recovery bills. Our survey shows that these events are now spurring decision makers into action, with 30% saying it has encouraged them to review their cyber insurance or request standalone cyber insurance quotes.”
The survey also found that businesses report being more vigilant about cyber risks (38%) and more aware of the importance of cyber insurance (37%). Yet, an alarming number (35%) still feel that the risk does not outweigh the cost of buying cyber insurance cover, and a similar proportion (33%) still believe they are unlikely to suffer a cyber incident. Given that the majority of respondents estimated the cost of a cyber incident at around £200,000, this appears to be a risky, and potentially expensive, decision.
Encouragingly, the research reveals that the recent high-profile incidents in the headlines this year have positively impacted businesses’ preparedness. Nearly two-fifths of businesses said they feel secure because they have a plan in place to handle a cyber incident, 36% of respondents have allocated more budget to cybersecurity, and 35% have reconsidered the level of cover needed to protect themselves.
Draper added that while high-profile incidents have prompted some businesses to take positive steps, they are lulling others into a false sense of security. “We have seen several high-profile cyber incidents this year, and while it raises the profile of cybersecurity and the importance of having robust cybersecurity systems in place and adequate insurance, it can also lead to the perception amongst SMEs that cybersecurity is a ‘big company’ issue.”
“While major retailers, food, and consumer companies like Jaguar Land Rover and M&S have the resources – and often the cyber insurance – to weather such incidents, most SMEs lack both the financial resilience and the resources to recover quickly. Cyber risk is no longer just an IT issue; it’s a fundamental business continuity threat that smaller and midsize firms must urgently prioritise.”
An independent research organisation conducted Coalition’s study in September 2025. The study sampled 600 senior insurance decision-makers at mid-market firms across England, Scotland, and Wales.
Be the first to comment