SMEs – are you prepared for a cyberattack?

The risk of cyberattack is on the rise, with Gov.UK urging businesses and charities to strengthen their cyber security practices as new figures show the frequency of attacks is increasing.

This is partly as a result of the rise in people working from home during and after the pandemic, which has hugely increased a company’s cyber vulnerabilities. Essentially, it means your business is being run from your employee’s home, placing your entire network at risk and potentially allowing an attacker to easily gain access to your company.
 
As a result of this vulnerability, not only has the risk of attack risen sharply, but cyberattacks are becoming increasingly weaponised. There’s currently been a shift from ransomware that encrypts data to ransomware that steals data and threatens to publish it if a ransom isn’t paid.
 
This is enabled by phishing, whereby a victim is duped into opening an attachment or clicking on a link in an email or message that has been carefully created to mimic a trusted company or entity. Once the attacker has access to the system, malicious software is downloaded giving the hacker access to sensitive information, enabling them to attack undetected.
 
A recent cyber report, published by Coalition on 14th September 2022, revealed that phishing now accounts for 57.9% of reported claims and that cyber criminals have built thriving businesses on fund transfer fraud as they increase attacks on organisations with weak or exposed infrastructures. It’s estimated that up to 88% of UK companies have suffered breaches in the last 12 months.
 
Against this rise of cyberattack comes the worrying revelation that the majority of SME’s don’t have any form of cyber insurance in place. In fact, the number of cyber insured SMEs is estimated to be around 10%. Given that most SMEs don’t have the necessary resources to manage a cyberattack or the liquidity to handle a large ransomware demand, this complacency puts a large number of SMEs at risk. Moreover, it’s a risk that is constantly evolving, with new threats emerging that could stop business operations altogether.
 
Case in point, on 29th November 2022, a cyberattack was launched against international software provider, SSP, who supplies solutions to many of the major insurers, including Legal & General and Direct Line, highlighting the fact that nobody is immune and the importance of cyber insurance.

Latest cybersecurity figures

  • Two-thirds of companies with 10 – 49 employees have suffered some form of cyberattack in the last year
  • 60% of small businesses go out of business within six months of a cyberattack
  • Phishing is the biggest threat, representing 25% of all cyber-crime events.

Tailored cyber cover

Given the increase in phishing attacks, cyber cover is something that all SMEs should be actively considering. But what protection does cyber insurance provide?
 
Cyber cover will protect you against losses incurred as a result of cyberattack, including damage to or loss of information or data from your IT and online systems. It can also cover cyber extortion, cyber business interruption and cyber liability, as well as giving you access to specialists who can advise how to manage and report the attack. Depending on the level of cover you have in place, it can include such services as IT forensics, legal advice and public relations support to help manage any reputational damage to your company.
 
Our business is your protection

Our priority is to protect your business. Drawing on our cyber knowledge and experience working with SMEs, we will first discuss your risk exposure to current and emerging threats, before arranging tailored cover to ensure you have the appropriate level of cover in place.
 
If any or all of your business is dependent on a digital system, ask yourself how you would manage if it ceased to be operational and what you would do to restore the service. This is what cyber insurance is for - to keep your business running in a world operated by digital systems and increasingly threatened by cyberattack. Don’t wait until it’s too late - to find out more or to arrange bespoke cyber cover for your business, call NLIG on 01992 703007 or email insurance@nlig.co.uk