Why are small businesses vulnerable to cyberattacks?

While small businesses have accelerated the adoption of new technologies for work during the pandemic, their extensive IT networks created new vulnerabilities to attack. In addition, many small businesses don’t expect to be targeted by hackers, cyber security is therefore low on their priority list.

Cyberattacks are becoming more common for small businesses. According to Mastercard, hackers attacked SMEs twice as much as large organizations during the pandemic. During 2020 and 2021, data theft at SMESs jumped 152 %, compared to the previous two years , according to RiskRecon, a Mastercard company. When it comes to large companies, breaches increased by only 75 % over the same period.

Why do SMEs need cyber insurance?

Some small businesses are aware of the threat, but some are not insured in case of damage. General insurance does not cover legal fees due to a cyber attack, as well as the cost of fixing digital infrastructure and restoring confidential data. It is therefore important from SME to purchase cyber insurance to protect themselves and cover losses caused by cyber attacks and fraud.

Why do only 50% of SMEs have cyber insurance?

According to a WSJ Pro Cybersecurity survey, only 52% of SMEs with less than $50 million in annual revenue, have cyber insurance compared to 75% of larger companies.

The cost of cyber insurance is rising for SMEs

Getting cyber insurance can be vital for a small business, however, it is becoming increasingly expensive to obtain. The price of cyber insurance for SMEs has increased by 10 to 15%, according to ProWriters, a wholesale insurance company.

SMEs resist to implant the measures required to obtain cyber insurance

Price is not the only barrier. More and more small businesses are being turned away because they can’t meet the strictest underwriting requirements.

For example, companies may now be required to implement multi-factor authentication for all individuals with access to the company’s network. Multi-factor authentication helps reduce the risk of credentials being stolen and used by cyber criminals to gain access to a network. Insurers may also require SMEs to encrypt their backup data and develop a response plan in the event of a cyberattack.

Small businesses may be able to avoid some requirements by purchasing more a policy from a technology company that sells insurance, known in the industry as Insurtechs. Their insurance policies often have less onerous underwriting requirements initially, but they require small businesses to regularly improve their cyber security as a condition for maintaining coverage.

How can a small business implement security measures to obtain cyber insurance?

Reducing your SME’s risk exposure allows you to obtain insurance coverage at an affordable cost. This is not only a prudent investment, but also a way to reduce the cost of your insurance premiums each year. In some cases, the savings generated are often enough to justify the investments. The key is to do business with a recognized specialist in cyber security that caters to SMEs, such as B2B Cyber Secure. Their solutions are not only recognized by insurers, but are also adapted to the needs and limited budgets of smaller organizations.



PERIMETER, the blog on CYBER SECURITY and IT for SMEs Why are small businesses vulnerable to cyberattacks?