IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

29% of UK SMBs cancelled cyber insurance policies in 2021

Even if SMBs are becoming more concerned about cyber attacks, they’re unlikely to be willing to pay even higher premiums to protect themselves

Almost 30% of small and midsize businesses (SMBs) cancelled their cyber insurance policies in 2021 due to cost cutting.

The price of cyber insurance is likely to still be too high for UK SMBs, according to a survey from GlobalData released on Friday. 38% of these businesses think it is unlikely they will be targeted in a cyber attack while 29% cancelled their policies in 2021.

The data and analytics company carried out the survey between August and September last year, where it explored SMB behaviours, purchasing preferences, and attitudes across commercial insurance products. Every company included in the survey had fewer than 250 employees, with 2,001 businesses surveyed in 2021.

GlobalData noted that as risk of attack increases, so will the premiums. It said that given that cutting costs is one of the leading causes of policy cancellation, this will be a significant obstacle.

The firm added that the Ukraine-Russia war has only heightened potential cyber security risks. It pointed to the UK’s National Cyber Security Centre (NCSC) advising all organisations in the country to bolster their cyber security in March 2022, specifically due to the increased risk from the war.

“Even if UK SMBs do become more concerned about their business being targeted by cybercriminals, they are unlikely to be willing to pay even higher premiums to protect themselves,” said Ben Carey-Evans, senior insurance analyst at GlobalData. “It is a difficult product for insurers to price, as unlike other products, they cannot look to limit risk—any SMB could be hit with a cyber attack at any time, and the costs can be significant.”

This is the biggest challenge for NCSC as SMBs are more vulnerable as they don’t take cyber hygiene seriously, said Muttukrishnan Rajarajan, professor of Security Engineering and director of the Institute for Cyber Security at City University of London. This, in turn, makes them the most vulnerable targets for a cyber attack.

Rajarajan has been teaching cyber security essentials for CEOs and CTOs as part of a programme at the university. He found that most of the individuals from the companies he taught didn’t take cyber security seriously and didn’t know about cyber insurance.

“Interestingly, a few came back to me after a few months of my lessons and said they have been attacked and need help! So I have seen first-hand the impact of these SMBs without any cyber security protection,” he explained.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Security awareness training strategies for account takeover protection - whitepaper from MimecastFree download

A good cyber insurance policy should offer training to employees that specifically targets areas of risk within a business, said Steve Arlin, VP of the Americas, UK and APAC at ProLion.

“It can cover loss in income from a data breach and it can cover the cost of investigation work following a GDPR breach as well. While the cost of cyber insurance has certainly risen in recent years to keep pace with developments in cybercrime, it is definitely worthwhile.”

“This is a disturbing statistic as it illustrates that arguably businesses – faced with rising costs – are looking at saving money where they think it won’t matter,” he added. “This is short sighted in the extreme.”

Small businesses were warned in December 2021 to prepare for a potential surge in ransomware attacks in 2022 as cyber criminals turn to campaigns that are less likely to draw coordinated action from law enforcement. A report found that cyber criminals were adapting to increased pressure from police agencies that launched several successful operations to dismantle criminal networks.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

The total economic impact™ of Datto
Whitepaper

The total economic impact™ of Datto

24 Aug 2021
Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021

Most Popular

FCC commissioner urges Apple and Google to remove TikTok from app stores
data protection

FCC commissioner urges Apple and Google to remove TikTok from app stores

29 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Internet providers look to ease cost of living crisis with cheaper broadband
broadband

Internet providers look to ease cost of living crisis with cheaper broadband

29 Jun 2022