a block saying data breach on a computer keyboard

Does Your Small Business Need Cyber Breach Insurance?

According to a 2019 report by the Federation of Small Businesses, small businesses fall victim to around 10,000 cyber-attacks every day. Cybercrime is estimated to cost small businesses a staggering £4.5 billion each year, with the average cost of a single attack at £1,300.

The latest 2020 Cyber Breach Survey from the government, reported that incidences of cybercrime were on the increase. The government survey put the financial cost for SMEs higher than the FSB report at an average of £3,230 in 2019.

Small businesses suffer 10,000 cyber-attacks every day

In spite of the apparent and increasing threat posed by cyber criminals, UK businesses are under-protected against cyber risk. Research published by the Association of British Insurers in 2020, stated that only 11% of businesses have specific cyber cover in place.

There are 5.6 million SMEs in the UK, contributing more than £2.6 trillion in turnover and accounting for 99% of all businesses.

A survey undertaken in 2024 found that 50% of UK businesses suffered some form of cyber security breach or attack.

What does all this tell us? In a nutshell that cyber-crime is on a seemingly unstoppable upward trajectory. Also, as each year passes SMEs are at a greater risk of suffering a cyber-attack. Yet, that uptake of cyber insurance is still far too low, despite its viability and affordability.

Let’s take a closer look at the most common types of cyber-attack and some real-life examples of cybercrimes that have taken place in the recent past.

What is Cybercrime and What Type of Cyber Attack Poses the Biggest Threat to Small Business?

Cybercrime comes in many forms, all with the aim of causing destruction and eliciting money for cyber criminals. Here are some of the most common examples:

  • Phishing. – phishing attacks usually take the form of emails with the aim of obtaining information
    or spreading malware.
  • Malware. – usually software containing a virus that’s distributed as an email attachment, infected app or fake software installations.
  • Ransomware. – ransomware is a type of malware specifically designed to block access to vital systems or
    databases until a ransom is paid.
  • Baiting. – this uses incentives (e.g. giveaways) to lure people into compromising their security.
  • SMS phishing. – these are text messages used to gain information or infect systems with malware.
  • Diversion theft. – this works by getting users to send information to the wrong recipient and thereby steal confidential information.
  • Scareware. – this is typically a pop up saying that a user’s security is out of date or that they have malicious software on their PC. This scares the user into visiting a malicious website or persuades them to buy non-existent products.

National Advice from experts

There’s more information about cyber-attacks on the National Cyber Security Centre website.

The most common form of cybercrime is phishing attempts, with 530,000 small firms suffering from such an attack over the past two years.

Incidences of malware (374,000), fraudulent payment requests (301,000) and ransomware (260,000) also affect many thousands of small businesses each year. 

There have been a number of high-profile cyber-attacks in the last few years.

  • Cyber criminals blocked access to their systems and demanded that Travelex pay a ransom.
  • At British Airways and Marriot Hotels major data breaches led to record fines from the Information Commissioners Office of £183 million and £99 million respectively.
  • In 2017 Wonga suffered a cyber-attack that compromised the confidential data of 245,000 customers in the UK.
  • The WannaCry ransomware attack in 2018 targeted the NHS and led to the cancellation of 19,000 medical appointments.

What Measures Can Small Businesses Take to Protect Themselves Against Cyber Attacks?

There are a few relatively simple steps you can take to protect your business against cybercrime, including:

  • Conduct a cyber risk assessment to identify the types of risks you face and the impact they might have. Doing this will help you pinpoint and prioritise what actions you need to take to mitigate the risks.
  • Ensure you have a robust password policy and two-factor authentication process in place to keep data and systems secure.
  • Regularly install software updates and keep anti-virus software up to date.

Taking these steps may seem like common sense. But, 35% of small businesses haven’t installed security software and 40% do not regularly update software. A similar proportion do not back up data and IT systems, while only 47% have a password policy for devices. 

As with anything, prevention is better than cure. However, if your business does fall victim to a cyber-attack, you will be much better placed to deal with it if you are covered by Insurance.

The Association of British Insurers has produces a key report on today’s threats and mitigation for SMEs.

What Does Cyber Insurance Cover?

Not all Cyber Insurance policies are the same. Therefore, it’s important that you consider the risks your business faces and look for a cyber policy that offers the right protection.

As an example, Tapoly’s Cyber Breach Insurance provides the following cover:

  • Legal and Forensic Services. Our experts will work with you to identify the source of the security breach. They’ll assess the extent of the breach and recommend the actions that should be taken to restore your systems securely.
  • Computer Security Failure. Protect your valuable data assets stored on computer systems. This includes whether your data is altered, corrupted, damaged, or deleted outright. If you unknowingly pass a virus onto any client or customer computers because of the breach you will still be covered.
  • Notification Services. We’ll notify any individuals who may have been affected by your security breach.
  • Call centre services, credit monitoring and identity monitoring solution. We’ll provide you with the call centre resources and monitoring specialists to anyone who may have been compromised because of the security breach to your systems.

Find out more about Cyber Insurance from Tapoly.

If you would like a quote or want more information about our products, email us at info@tapoly.com or call 020 7846 0108

Similar Posts

Manufacture industry Staff Having Accident in Factory Industrial Accident
| | |

What is Employment Practices & Liability Insurance?

ByMichael

All UK workers have certain legally-enforced employment rights. If an employee feels that their legal rights have been violated, then they may make a claim against their employers. Employment practices & liability insurance covers businesses against such claims. What Does Employment Practices & Liability Insurance Cover? The UK government has many laws in place to…

When Do I Need to Register My Business?
| | | |

When Do I Need to Register My Business?

ByMichael

You have a legal obligation to register your business. But when do you need to do this, and how do you do it? Whether you’re just starting out, or you’ve been running a business for a short while already, this post will show you how to meet the legal requirements. When To Register as Self-Employed…

Professional Indemnity Insurance For Tradesmen
|

Professional Indemnity Insurance For Tradesmen

ByMichael

Whatever your trade – whether you’re a builder, an interior designer, a painter decorator, or a plasterer – you should consider getting professional indemnity insurance cover. What Is Professional Indemnity Insurance? All tradesmen have to deal with unsatisfied customers from time to time. But some unsatisfied customers choose to take legal action – especially if…