The average monthly cost to an SME of putting in place a full range of cyber security measures is £4,962, equating to an annual spend of £59,566, according to data from insurer CFC.

To arrive at these figures, the cyber specialist reviewed a number of cyber security solution costs from a range of third party providers to calculate the cost to an SME in the UK employing 100 staff.

CFC examined the same range of security measures to those currently provided under the insurer’s own cyber insurance policy, including phishing protection, external vulnerability management, external asset discovery, threat intelligence, zero-day vulnerability discovery and real-time cyber expert service.

“…The biggest problem that brokers face when it comes to selling cyber insurance is price,” says Jason Hart, head of proactive insurance at CFC. “This is where the real value of our proactive cyber insurance cover for SMEs becomes clear. Not only do they get a promise to pay should a cyber event occur but, more importantly, they get a promise to protect their business. Using unique insights from threat intelligence feeds, the dark web, network scanning and our own real-life claims data, we identify potential threats and alerts customers before an event happens.

“The average value of a ransomware demand is around £147,044 – yet the typical cost of our cyber insurance to an SME is only £3,715 and includes all the proactive security and alerts we provide,” Hart continued.

CFC’s figures do not include any estimation of the cost to a business of the time required to install, update or manage any technology or software as part of any outsourcing arrangement.

---