Value of Cyber Insurance, 29% of Small Businesses did Nothing Post-Attack

cyber insurance

While cyber security threats continue to increase in number as well as severity, surveys appear to indicate that small businesses are still falling behind in cyber security readiness.

Writing in IT Business Edge, Sue Poremba notes a few Hiscox survey numbers that appear to be troubling cyber security professionals: 29% of small businesses did nothing after an attack, while 68% are reported at least one cyber attack within the past 12 months. These numbers would be less troubling if it was not for the fact that small businesses appear to be ill prepared to handle such issues before, during and after they occur.

2016 reports that indicated 60% of small businesses close after a cyber security threat, combined with what Poremba noted is a general “lack of access to security or IT professionals,” could be leading to significant problems for small businesses. An early 2016 PwC report showed that cyber security attacks have experienced a sharp rise in the past decade. Although that PwC report also showed that most (91%) of surveyed businesses had implemented some form of security management process, it appears many small businesses may have insufficient processes in place.

Small businesses should understand the value of and invest in a proper business recovery plan that helps keep their business operating immediately following an attack, leading to many that simply shut down within five years of an incident.

Poremba concludes her article by stating that “small businesses that need to step up their security process before disaster hits.” Given current data on how costly this can be for a small business, it is unlikely cyber security professionals like Poremba are simply engaging in scare tactics. Small businesses need to implement several strategies to help mitigate the risks associated with increasingly costly cyber threats, including a mixture of adequate recovery plans and Cyber Liability Insurance.