Cyber insurance purchasing among small-to medium-sized enterprises (SMEs) has been increasing, but their preparedness often lags larger companies.
According to a recent report from research and consulting firm Global Data, cyber insurance penetration among the SME sector is now at 14%. While relatively low, it has grown from just 2.1% in 2014.
According to the Hiscox Cyber Readiness Report 2017, the uptake of cyber insurance may be even higher, although it still lags that of larger organisations. Some 45% of larger firms in the UK say they have cyber cover compared with 32% of smaller ones.
In its report, Hiscox found that smaller firms are often hit hardest by a cyber attack. It found that, while big firms incur the highest costs in nominal terms, the financial impact of a cyber-attack is disproportionately high for the very smallest companies.
Almost half of all crime is related to fraud and cyber offenses, according to the Office for National Statistics. At the same time, the average cost of a data breach in the UK is also increasing – at just under USD 4 million in 2016, up 14.5% compared with 2014, according to the Ponemon Institute.
More to do
Small businesses are, however, struggling to keep up with cyber security, according to Hiscox. It found that smaller firms were less likely to adopt key cyber security initiatives than larger ones.
This finding was echoed by a recent study from CFC Underwriting. It found that 27% of SMEs are failing to educate staff on the threat of a cyber attack while 56% do not have an incident response plan in place.
According to CFC, SME’s are less likely than large businesses to understand their cyber risk profile, with 20% of SMEs never assessing the business exposure to cyber risk.
Given their limited resources and the growing importance of the digital economy, SME’s need support when it comes to cyber security and when responding to an attack.
Cyber insurance tailored to the needs of SMEs is available in the market. JLT has recently launched our cyber insurance facility specifically for the UK SMEs, offering broad first and third party cover as well as incident response and consulting services.
Download Cyber Decoder
For further information, please contact Sarah Stephens, Head of Cyber, Content and New Technology Risks on firstname.lastname@example.org