Small-medium sized enterprises (SMEs) remain particularly vulnerable to cyber attacks, with just half of SMEs surveyed by Argo Group having purchased protection despite the drastically rising threat of cyber crime.
Nearly two-thirds of SMEs surveyed have already been victims of a cyber incident, but the majority of firms remain underprepared with less than half of respondents believing their cyber cover is adequate.
However, SMEs that purchase cyber insurance policies show high satisfaction rates with their products: 89% say their cyber insurance is performing as expected, 86% report their cyber insurance covered the security breaches they suffered, and 68% said they were “satisfied” with their cyber cover, according to the Argo survey.
Firms with cyber insurance protection both value and use the product; 36% of respondents with cyber insurance policies have filed claims with their providers in the past 12 months, and over 1 in 5 firms with cyber insurance policies are seeking to expand the coverage of their policy.
So what’s stopping more SMEs from taking steps to shore up their cybersecurity risks?
According to the Argo Group report, 42% of SMEs don’t purchase cyber insurance because they believe their in-house security is adequate, 35% said insurance is too expensive, while 32% cited a lack of interest in cyber insurance from their senior management or board of directors.
Simon White, senior vice president, group head of cyber, said companies continue to “overestimate their ability to protect against potential attacks and underestimate the damage a cyber attack can cause.
“It’s only a matter of time before the next major cyber attack, which is why it’s crucial for companies to take the time to reevaluate how they protect themselves.”
With the WannaCry and Petya ransomware attacks taking systemic global cyber crime to a new level this year and the U.S. experiencing one of the biggest data breaches in history when hackers gained access to an estimated 143 million personal records from Equifax, 2017 has moved the cybersecurity question into executive’s top priority.
As a result of the attack, the consumer credit reporting agency lost an estimated $4 billion in stock value, and yet-to-be-determined losses caused by customer abandonment.
A hack into Yahoo accounts reduced the firm’s sale price by $250 million.
Cyber criminals are becoming more sophisticated and targeting companies from all industries.
With firm’s like Equifax set to be investigated by the UK’s Financial Conduct Authority (FCA) over its large data loss, businesses and consumers have become increasingly aware that the cybersecurity landscape has drastically changed and cyber insurance uptake is expected to rise significantly, opening up more opportunities for re/insurers in coming years.