By Tim Ryan, Executive Chairman at UNA
As research reveals that 40% of major US companies have cyber insurance cover compared to just 13% of UK businesses, we have called on UK small and medium-sized enterprises (SMEs) to ensure they are fully aware of the tactics and options available to them to help defend themselves in cyberspace and guarantee they aren’t faced with heavy costs to their bottom line and reputation.
In addition, according to the PWC 2014 breaches survey, 60% of UK businesses had a cyber-security breach and 45% suffered infection from viruses or malicious software in the last year (up 4% from 2013), and 59% of respondents expect there will be more security incidents in 2015.
With the Data Protection Act 1998 making businesses responsible for the handling of information relating to individuals, failing to handle this information correctly can lead to claims being made against a business and has highlighted how some insurance policies may provide elements of cyber cover, but most will exclude losses caused by a cyberattack.
This is a pitfall for so many businesses, particularly the smaller ones. A separate cyber policy will ensure that your cyber risks are fully catered for and most importantly, will ensure less of an impact on the bottom line of a business. However, the emergence of cyber risk is an area of concern for businesses when reviewing their insurance provision. Cyber liability insurance can be a tricky area to understand, and is a changing landscape. They are attached to a number of employee issues, including homeworking, social media and staff sharing increasing amounts of data. You can’t ignore it – you have to react. You need to take sensible precautions along with insurance. You need to think and answer the questions at different levels. You need to get buy-in at senior management team and board levels about risk.
Industry is by far the biggest victim of cyber-crime and is also one of the areas expected to take our economy forward. The key for businesses is to recognise the role insurers can play in driving improvements in cyber-security risk management. We have already seen a commitment from the government to work closer with insurers to help develop the UK’s cyber insurance market. Companies should now be assessing their vulnerability to cyberattacks and taking advantage of risk management and insurance solutions to mitigate the potential for these events to harm their business.