According to figures announced yesterday by the Federation of Small Businesses (FSB), SMEs are now regularly falling victim to cyber crime, costing them nearly £800 million each year. This highlights the ever changing nature of cyber risk faced by every size of business, says specialist underwriting agency CFC, and insurance brokers should take notice.
Speaking about the FSB report, Graeme Newman, Director at CFC commented: “It is great to see that for the first time the FSB has looked directly at the impact cyber crime has on small business. After a number of high-profile attacks in recent years, larger businesses are beginning to better understand the risks they face from cyber criminals and are therefore taking more measures to protect themselves. Because of this, hackers, fraudsters and phishers are increasingly turning their attention towards smaller organisations. Whilst the rewards might not be as high, SMEs are often less secure and less prepared in the event of an attack”.
According to the FSB report, 41 per cent of their members have been a victim of cyber crime in the last 12 months at an average cost of around £4,000 per business and around 3 in 10 have been a victim of fraud. The most common threat to small businesses is virus infection, which 20 per cent of respondents said they have experienced. Eight per cent had also been a victim of hacking and 5 per cent had suffered a security breach.
Newman continues: “The insurance industry has been slow to embrace and tackle head on the issue of cyber crime faced by every size of company in every sector of business. Many insurers have built policies that are simply a carbon copy of those sold in the US and focussed primarily on privacy and data breach notification. However, as highlighted by the FSB report, cyber crime is costing businesses millions of pounds every year.”
To bridge this glaring gap in the market, CFC launched a new cyber policy earlier this month. The policy, CPM, is a fully blended yet modular policy that can be tailored to the individual needs of companies of every size. Features of the policy include comprehensive cyber crime cover, both first and third party privacy breach notification costs, and innovative business interruption cover which not only covers lost revenue during system downtime but also the loss of future revenue due to consequential reputational harm that could so easily bring a small business to its knees. Also, unlike many cyber policies, CPM does not impose a retroactive date meaning that there is no restriction on when an event which gave rise to a claim occurred.