Millions of SMEs have no cyber cover

Millions of the UK’s SMEs remain exposed to the fall out following a cyber attack, according to research published today. A third of SMEs which have been offered cyber insurance have opted to go without -- the key barrier a belief that the business is too small to be targeted. This is among the findings of joint research from CFC Underwriting and Premium Credit.

This report comes as government figures show nearly a third of small businesses have suffered cyber attacks in the past year at an average cost of £3,650.

Almost a quarter of the SMEs polled say they believe cyber insurance to be inadequate, and a fifth say they simply don't understand it. Just 10% say they cannot afford it. Almost two-thirds say they have never even been offered the cover.

The research does at least show that many small companies are taking some action to improve cyber security, with only 3% found to have done absolutely nothing.

Distribution director at CFC Underwriting, Pat Brice, said more needs to be done to articulate the value of this increasingly important cover.

"It is becoming apparent that businesses are far more likely to fall victim to cyber crime than they are to traditional crime, yet they routinely don’t have the cyber protection they need. Insurance providers and brokers need to work together to make sure they are encouraging businesses in all industries to complement good cyber security with cyber insurance in case the worst happens.”


In figures: Cyber security measures in UK SMEs (Source: CFC Underwriting and Premium Credit)

71% use antivirus software:

66% regularly back up data

57% scan for malware and change passwords

47% back up data to the cloud

46% say all laptops use encryption

43% say all devices used outside office are password/PIN protected

38% say all devices used outside office can be locked/tracked if stolen

37% use a password manager

33% patch all software/firmware using latest manufacturer software

24% say staff sending sensitive data outside office use VPNs/3G/4G

    Share Story:

Recent Stories


Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks. Published June 2021

Manufacturing: An industry at risk amid great technological change
Of the many sectors of business, manufacturing companies are among the most at risk from cyber threats. How has the sector evolved to make it so vulnerable and what does the task of managing cyber exposure in a manufacturing company look like? CIR’s latest podcast with Tokio Marine HCC sought to answer all these questions and more. Published April 2021

Advertisement