Aviva: SMEs are leaving themselves exposed to cyber attacks

Despite escalating digitisation, Aviva found that over three-quarters of businesses do not have any cyber insurance cover in place

New research from Aviva, a multinational insurance company, found that the majority (86%) of British small to medium enterprises (SMEs) do not have any cyber insurance cover in place.

Aviva’s latest SME Pulse Survey, which polled 505 SMEs in the UK, found that this lack of insurance protection comes at a time of rapid digitisation. Statistics showed that 41% of SMEs updated their website in response to the pandemic, and 39% moved online or improved their online offering. Nearly all (96%) of those who made a change confirmed that they would keep the changes. However, despite increasing their digital presence, only 11% updated their cyber cover at the time.

Only 14% of SMEs said they had any cyber cover, with significant regional variances. Just 3% of Scottish SMEs had cyber cover in place, compared to 32% in Northern Ireland.

Alana Muir, Senior Cyber Underwriter at Aviva, said: “The pandemic has accelerated digital adoption across all businesses, meaning cyber insurance has quickly moved from a perceived luxury to an absolute must-have. Cyber cover doesn’t just protect businesses against an attack, but it also ensures they have fast access to expert specialists, so they can return to normal as quickly as possible in the event of a cyber incident.

“We know from our Aviva Risk Insights report that cyber-attacks are one of the biggest issues faced by SMES. This gives us a perfect storm where cyber attacks are increasing while businesses leave themselves exposed through lack of cover. So it is important that businesses make sure they are not just staying on top of their digital admin but they are also covered if they are one of the increasing number being targeted by online criminals.”

Aviva’s top tips for business owners:

  1. If you are unclear about your digital risk, contact your insurance broker to understand the risks to your business and what protection you may need.
  2. Always use individual identification and passwords to access your computer equipment and change default or manufacturers passwords.
  3. Back up all data every 7 days or less and store backups securely and away from the data or programmes they relate to.
  4. All personal and business data must be stored and disposed of in a secure manner. Remember the definition of ‘personal data’ includes information you hold on suppliers, business emails, and employee data.
  5.  Install any updates for firmware, operating systems, software, or programmes within 14 days of release where the updates address a vulnerability described by provider as critical, important, or high.
  6. Ensure that any equipment connected to the internet or other network is protected by a suitable firewall and ensure it is updated automatically or at intervals of a month or less.
Share

Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI