Cyber security insurance for business

Do you think you’re covered?

The UK cyber insurance market continues to grow at a steady rate against a backdrop of heightened security threats.

This has partly been brought about by a global change in working practices following the pandemic and by more businesses claiming losses as a result of breaches in their cyber security. Regulatory and compliance changes – and the demands of Professional Liability insurers – will only increase the pressure on businesses to take the appropriate steps to meet increasingly stringent obligations.

As risks grow, insurers will expect businesses to be better prepared to counter cyber attacks demanding that the steps taken meet their exacting standards. There are already examples of Professional Liability claims being refused due to inadequate cyber protection, with remedial and unplanned steps inevitably costing more.

We’re seeing cyber security vendors adding insurance expertise into the mix, with a service extension that helps companies to achieve the standards expected of them by the more aggressive insurance providers. In future, the cyber defence will be more than just the responsibility of IT, but will become a pivotal foundation for business continuity and compliance.

It’s not just the big boys

As an SME, you could be operating under the false perception that it’s only big businesses that are the target of hackers.  This is because the biggest scams have the biggest public profile – like the Microsoft Exchange breach that prompted the European Banking Authority to pull its entire email system offline. 

The Public Sector isn’t immune either, with London Hackney City Council and the Irish Health Service Executive both being breached in 2021. There’s a continuing upward trend for cyber attacks in general, but hackers are re-focusing their efforts towards smaller businesses because they are, on the whole, easier targets because they lack sophisticated security infrastructures. 

SME cyber breaches are more common than you realise

Many small-medium-sized businesses feel they’re cyber resilient because they’ve got native Microsoft 365 and antivirus built-in, plus a few extra technologies to bolster their posture. As a result, a reported 1 in 10 of these businesses have suffered a cyber breach in the past year.

The majority of SMEs hold data that’s interesting to hackers and can be used in a much wider attack targeting individuals or the company themselves. This data can include sensitive customer information, employee social security numbers, credit card numbers, account numbers, driver's license numbers and health records rise in attacks.  In education and the public sector, the ramifications are far wider.

High rollers beware!

According to Forbes, some people working within smaller businesses are more at risk of being attacked than others.  Hackers target high-value accounts for take-over. CEOs and CFOs are attractive targets and twice as likely to be taken over compared to the average employee.  Once in, these cybercriminals use these accounts to gather intelligence and launch attacks within the business.

Forbes also states Executive Assistants are also a popular target as they have access to executive accounts, and calendars and can send messages on behalf of executive teams.

New Government Initiative

The Government recently published the UK National Cyber Strategy 2022-2030 and within it, there’s a small mention of insurance in Pillar 2 of the Strategy on Cyber Resilience.

Who knows what the future will hold in terms of Legislation, but in the meantime, encouraging businesses to facilitate effective cyber security is going to be high on the Government’s agenda.

Get ahead of the game

Just like any other business insurance, the more losses escalate the more insurance providers will become more demanding in the cyber insurance market,  As time goes on it’s likely there will be stricter criteria for risk selection and higher premiums. 

One thing’s for certain, these threats aren’t going away. It makes sense for insurers to continue to influence and incentivise businesses that adopt effective cyber resilience practices and offer products and services accordingly. Being ahead of the game and establishing a robust cyber resilience posture, not only protects your most valuable business assets today but will most likely cost you less in insurance premiums in the long run.

Take control

With so many different types of attacks on the threat landscape, the cost of remaining in control gets greater all the time.  Even if you’re prepared to bear the hefty cost of licensing individual technologies, and the salaries of the extra people to manage it and can hire from a diminishing pool of skilled resources, there’s no better time to consider your options.

Managed Security Services are a great way to take a staged approach toward a robust cyber security posture. What’s the harm in starting the conversation?

Related Articles
Modern Workplace Strengthening operational and digital resilience under DORA
Strengthening operational and digital resilience under DORA

How financial institutions can proactively address the challenges of the new regulations.

Modern Workplace DORA compliance for financial services: What you need to know
DORA compliance for financial services: What you need to know

How to ensure your business is ready for mandatory DORA compliance.

Modern Workplace How CSRD impacts every business
How CSRD impacts every business

Practical steps to protect your future viability.

Unified Communications Managing complex UC environments
Managing complex UC environments

The changing dynamics of UC and the impact on IT.

Modern Workplace Data Subject Access Requests
Data Subject Access Requests

And why IT should care about them.

Devices Sustainable IT
Sustainable IT

Read this eBook on how the digital revolution is going green

Devices Go green with your IT
Go green with your IT

5 ways to achieve sustainable IT

Managed Security Services Webcast: Cyber Resilience for SMEs: Taking Control
Webcast: Cyber Resilience for SMEs: Taking Control

Cyber preparedness insights from a serving police superintendent

Share this story

Find out more about ensuring all your cyber security bases are covered

We're a community where IT security buyers can engage on their own terms.

We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.

Interested in what you see? Get in touch, and let's start a conversation Get in touch