IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

29% of UK SMBs cancelled cyber insurance policies in 2021

Even if SMBs are becoming more concerned about cyber attacks, they’re unlikely to be willing to pay even higher premiums to protect themselves

Almost 30% of small and midsize businesses (SMBs) cancelled their cyber insurance policies in 2021 due to cost cutting.

The price of cyber insurance is likely to still be too high for UK SMBs, according to a survey from GlobalData released on Friday. 38% of these businesses think it is unlikely they will be targeted in a cyber attack while 29% cancelled their policies in 2021.

The data and analytics company carried out the survey between August and September last year, where it explored SMB behaviours, purchasing preferences, and attitudes across commercial insurance products. Every company included in the survey had fewer than 250 employees, with 2,001 businesses surveyed in 2021.

GlobalData noted that as risk of attack increases, so will the premiums. It said that given that cutting costs is one of the leading causes of policy cancellation, this will be a significant obstacle.

The firm added that the Ukraine-Russia war has only heightened potential cyber security risks. It pointed to the UK’s National Cyber Security Centre (NCSC) advising all organisations in the country to bolster their cyber security in March 2022, specifically due to the increased risk from the war.

“Even if UK SMBs do become more concerned about their business being targeted by cybercriminals, they are unlikely to be willing to pay even higher premiums to protect themselves,” said Ben Carey-Evans, senior insurance analyst at GlobalData. “It is a difficult product for insurers to price, as unlike other products, they cannot look to limit risk—any SMB could be hit with a cyber attack at any time, and the costs can be significant.”

This is the biggest challenge for NCSC as SMBs are more vulnerable as they don’t take cyber hygiene seriously, said Muttukrishnan Rajarajan, professor of Security Engineering and director of the Institute for Cyber Security at City University of London. This, in turn, makes them the most vulnerable targets for a cyber attack.

Rajarajan has been teaching cyber security essentials for CEOs and CTOs as part of a programme at the university. He found that most of the individuals from the companies he taught didn’t take cyber security seriously and didn’t know about cyber insurance.

“Interestingly, a few came back to me after a few months of my lessons and said they have been attacked and need help! So I have seen first-hand the impact of these SMBs without any cyber security protection,” he explained.

Related Resource

Security awareness training strategies for account takeover protection

Why you need an inside-the-perimeter strategy for internal threats

Security awareness training strategies for account takeover protection - whitepaper from MimecastFree download

A good cyber insurance policy should offer training to employees that specifically targets areas of risk within a business, said Steve Arlin, VP of the Americas, UK and APAC at ProLion.

“It can cover loss in income from a data breach and it can cover the cost of investigation work following a GDPR breach as well. While the cost of cyber insurance has certainly risen in recent years to keep pace with developments in cybercrime, it is definitely worthwhile.”

“This is a disturbing statistic as it illustrates that arguably businesses – faced with rising costs – are looking at saving money where they think it won’t matter,” he added. “This is short sighted in the extreme.”

Small businesses were warned in December 2021 to prepare for a potential surge in ransomware attacks in 2022 as cyber criminals turn to campaigns that are less likely to draw coordinated action from law enforcement. A report found that cyber criminals were adapting to increased pressure from police agencies that launched several successful operations to dismantle criminal networks.

Featured Resources

IT best practices for accelerating the journey to carbon neutrality

Considerations and pragmatic solutions for IT executives driving sustainable IT

Free Download

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Free download

Using application migration and modernisation to supercharge business agility and resiliency

Modernisation can propel your digital transformation to the next generation

Free Download

The strategic CFO

Why finance transformation propels business value

Free Download

Recommended

Uncover new insights with your data in the cloud
Whitepaper

Uncover new insights with your data in the cloud

19 Jan 2023
Threat hunting for MSPs
Whitepaper

Threat hunting for MSPs

10 Jan 2023
An end-to-end roadmap for SMB cloud migration
Whitepaper

An end-to-end roadmap for SMB cloud migration

8 Dec 2022

Most Popular

The big PSTN switch off: What’s happening between now and 2025?
Sponsored

The big PSTN switch off: What’s happening between now and 2025?

13 Mar 2023
Why – and how – IP can be the hero in your digital transformation success story
Sponsored

Why – and how – IP can be the hero in your digital transformation success story

6 Mar 2023
What is GPT-4?
artificial intelligence (AI)

What is GPT-4?

15 Mar 2023