Less than 30% of SMEs report cybercrime to police or insurers
SMEs will invest in taking practical steps to protect themselves following a cyberattack but, according to a survey undertaken by business advisers and accountants at Scott-Moncrieff, only 26% report the matter to the police – and just 23% have contacted their insurer.
Despite only 32% of respondents being comfortable that their prevention measures would be sufficient in the event of an attack, just 26% of SMEs have invested in any form of cyber insurance.
Fraser Nicol, Head of Business and Technology Consulting at the firm, said: “SMEs are increasingly aware of the threat of cyber-attack and they are taking it seriously. However, many seem unsure as to whether their investments have been effective and unclear about what they would do to recover their losses in the event of a cyber-attack. SMEs seeming reluctance to report issues is a concern, given that reporting will become compulsory next year.”
Cyber-attacks are both one of the fastest growing and most economically damaging categories of crime. The research indicates concerns among SMEs over reputational damage and harming client relationships is stopping businesses from reporting an attack.
The research also indicated that SMEs under-estimate the cost of dealing with a cyber-attack. Amongst those that had already experienced an attack or data loss, the cost involved in rectifying breaches was a key concern for the future, but less so for those that had not previously been attacked.
Nicol added: “These risks are very real for small as well as large business, so it’s important to plan ahead. Business owners must take their own preventative steps to ensure they are not only investing in protecting their business from an attack, but also ensuring they have the plans in place to deal with a breach should one occur anyway. This points to investing in specialist cyber-insurance and establishing a response plan.
“Online crimes are rising with hackers increasingly targeting a wider range of companies. Hacks of big businesses may grab headlines but thousands of SMEs suffer cyber-attacks every day.
“Whilst investing in preventative measures is vital, businesses must also ensure they have a plan in place to deal with an attack in order to mitigate any losses that are incurred.”