Is cyber security on your risk management agenda?

01 May 2017

In this month’s edition Aaron Yates of Berea Group, a member of JLT’s Cyber Risk Consortium discusses the importance of risk management for UK SMEs.

With experts warning that cyber-attacks will only increase and that businesses must do more to protect themselves against losses, do you have cyber security on your risk management agenda and what does cyber security really mean? 

When the “World Wide Web” began in 1991, no one could have ever predicted what the digital world would look like today. Currently there are over five billion internet-connected devices, two billion people online with billions set to join over the next decade and a total of eight trillion e-commerce transactions last year. 

This rapid growth in cyberspace makes it an increasingly valuable and important arena for UK businesses. However, as we put more and more online and “into the cloud”, businesses need to be confident that their employees, networks, and processes supporting their prosperity are knowledgeable, secure and resilient. 

Cyber security incidents are frequently hitting the headlines now, usually relating to large corporates. You may be surprised to learn that it’s not just big businesses that are suffering. In fact, 66% of UK SMEs were attacked in the last year (a rise of 33% from 2015). It is predicted that this number will further rise in 2017. 

Despite the rise in both awareness and incidents, many small to medium sized businesses are still not being proactive in addressing cyber as a part of their risk management strategy. This may be due to a lack of understanding, confusion as to what to do, a lack of time and availability or perhaps a belief that it will never happen to them. Whatever the reason, it is the responsibility of company directors to ensure the safety and security of their staff, clients, data and finances. 

Cyber security has parallels to your office fire safety. Once you know what and where the problems are, you can be proactive and do something about securing against the risks. For example, you may engage an expert to install fire extinguishers. However, without the training and the understanding of when and how to use them, the extinguishers are little more than an ornament, unable to protect your employees. 

Engaging an expert to help understand and address the risks that cyber security presents can improve the protection of your staff, your clients and your business. Learning about the threats that exist, identifying where you might be vulnerable, and understanding how to mitigate the threats reduces risk, and improves security. 

Berea helps businesses to understand and address cyber security. Their approach is to normalise the subject, remove the fear and embrace the risks. To find out more information, please visit the Berea website.

Download Cyber Decoder

For further information, please contact Sarah Stephens, Head of Cyber, Content and New Technology Risks on



Find out more

Read our Cyber Risks & Insurance Insights

Read more

Receive our monthly cyber risk newsletter