Awareness of the cyber threat is soaring among small- and medium-sized businesses as the potential impact from data breaches and phishing attacks hits home.
Collectively, small- to medium-sized (SME) business experts now account for almost half of Risk Barometer responses (47%). For medium-sized companies (annual revenues between €250m and €500m), cyber incidents ranks as the top risk for the first time (39% of responses), while for small-sized companies (annual revenues less than €250m) it ranks as the 2nd major business risk (30% of responses).
“The jump that cyber incidents have taken in the past year – from 3rd to 1st for medium-sized companies and from 6th to 2nd for small-sized companies – is significant and reflects an uptick in the attention paid to data breaches both by SME companies and their insurance brokers,” says Vinko Markovina, Global Head of MidCorp, AGCS.
As increasing numbers of cyber incidents occur and are reported, more evidence of its financial impact is available to SME-sized businesses. The impact can be catastrophic. Research shows that in in 2017, the average cost of a data breach in North America was $117,000 for SMEs1, while other studies show that hackers have breached over 50% of small businesses, with these numbers up year-on-year2.
SMEs can be vulnerable as many do not have sufficient revenue to afford their own IT departments or access to the knowledge and resources to protect themselves against evolving threats. They can be particularly susceptible to phishing attacks via email or fraudulent activity happening in their e-commerce storefronts.
Employing a Chief Information Security Officer (CISO) who can implement a comprehensive information security management system is considered a must in combatting the cyber threat but this can be costly and time-consuming and is often beyond the financial reach of many SMEs. However, AGCS has partnered with Silicon-Valley based software company Zeguro to implement a “virtual CISO” platform as part of its insurance coverage, which enables SMEs to access tailored security recommendations and training for employees, helping to reduce the overall risk of financial loss following an incident.
“Cyber insurance used to be a confusing and relatively expensive cover for SME-sized businesses. However, as coverage has become more available, affordable and easier to understand, we are seeing more demand,” says Markovina. “Activity around cyber will only accelerate in the SME space through 2018.”
SOURCES
1. Kaspersky Lab
2. Ponemon Institute, 2017 State of SMB Cybersecurity Report
Newsletter
Keep up to date on all news and insights from Allianz Commercial
