Nearly a third of UK businesses have experienced security breaches or attacks in the past year but despite this the research shows that only around 30% of medium-sized firms now have cyber insurance and the overall proportion of businesses remains relatively low at 11%.
Whilst many of the cyber incidents that are publicised involve large companies, hackers now recognise that often smaller businesses present an easy target. Over a third of targeted attacks are aimed at businesses with less than 250 employees, many of which don’t have the resources available to manage the impact of an attack. The effects of these attacks can be many and varied but mainly result in:
- Financial costs of your own, or from third parties, in dealing with lost data
- Legal and Regulatory implications for breach notifications
- Damage to tangible and intangible assets
- Loss of reputation and customers in the event of a security breach
The Financial Conduct Authority (FCA) has recently published a useful document bringing together industry insights on cyber resilience. Since 2017, the FCA has brought together over 175 firms across different financial sectors to share information and ideas from their cyber experiences and they run these Cyber Coordination Groups (CCGs) with industry to help improve cyber security practices amongst members of the CCGs and their sectors discussing and sharing practices in the following areas: Governance, Identification, Protection, Detection, Situational Awareness, Response and Recovery, and Testing.
This is in the hope that the practices and experience of the groups help those firms not already involved when considering where to prioritise their efforts in increasing cyber resilience.
To read the FCA “Cyber security – industry insights” publication click here.
You will note that many of the insights in the publication refer to advice and guidance from the National Cyber Security Centre (NCSC) and they have produced a Small Business Guide which is worth looking at as it shows how to improve cyber security within your organisation – quickly, easily and at low cost by following the five quick and easy steps outlined below which could save time, money and even your business’ reputation.
- Protecting your organisation from malware – 5 free and easy-to-implement tips that can help prevent malware damaging your organisation.
- Backing up your data – 5 things to consider when backing up your data.
- Avoiding phishing attacks – Steps to help you identify the most common phishing attacks.
- Keeping your smartphones (and tablets) safe – 5 quick tips that can help keep your mobile devices (and the information stored on them) secure.
- Using passwords to protect your data – 5 things to keep in mind when using passwords.
To read the NCSC Small Business Guide click here.
While risk management will help to prevent a cyber-attack, even the best security does not mean you will not one day experience an incident. In the event that an incident does occur, cyber insurance provides a valuable safety net and risk aware businesses are increasingly recognising the vital role that Cyber Liability mitigation and insurance products play as par of an effective risk management strategy.
Cyber-attacks are widely recognised as one of the greatest risks faced by businesses and with premiums these days starting at very reasonable levels we would encourage all firms that are serious about risk management to seriously consider purchasing a good quality cyber policy.
Our insurance solutions will give you 24 hour 7 days a week access to immediate support, guidance and risk mitigation just when you need it.
If you would like to find out more about how you can protect your business with cyber insurance, please give Andy Wright or Tony Housden a call on 0207 292 6011 or 0207 292 6018, or, email us at [email protected], or, [email protected]
