Cost of cyber attacks on small businesses revealed

by |
Cyber attacks are costing small businesses in Australia an average of $6,600 per attack, research has revealed.

According to Norton’s recent SMB Cyber Security Survey, one in five small businesses were attacked during the previous year with only 14% of small businesses covered by a cyber insurance policy. For micro-small businesses this figure shrank to 3%.

The research also found that the biggest impact of cyber attacks on small businesses was downtime (40%), followed by the expense of re-doing lost work (26%) and inconvenience (24%)

Mark Gorrie, director of Norton Business Unit, Pacific region, Symantec, said that the data is relevant for brokers as it shows the different reasons why businesses need cyber cover.

“We asked the question, ‘how long could you survive without your business data’, and 31% said they couldn’t survive beyond a week,” Gorrie told Insurance Business.

“Most people would look at it as a financial loss but clearly for those that have suffered an attack, time became a big issue. For brokers, they can ask whether a client can afford to have three days downtime in their business. That has a real cost to it.”

Gorrie warned that cyber insurance cannot be seen as a form of protection.

Investments in security and training are still needed as, in the long run, they will help keep cyber insurance pricing low and ensure that businesses are as secure as possible.

Gorrie said that brokers can advise their clients to remember the basics of cyber security, as many ignore easy ways to stay safe. Using complex passwords, different passwords for different accounts and ensuring that cyber security software is on all PCs and mobile devices are a good way to start. Gorrie added that backing-up data is paramount.

“With a lot of these threats, you can continue to invest in technology but you can never guarantee to have 100% protection,” he said.

He added that businesses that do the basics – they have security in place, they do back-ups – are well placed. However, it’s cyber insurance that is really “the catch-all beyond that mitigated risk.”


Related stories: 
Cyber predictions reveal target markets
More data needed on cyber risk

Corporate Risk & Insurance forum is the place for positive industry interaction and welcomes your professional and informed opinion.

Name (required)
Comment (required)
By submitting, I agree to the Terms & Conditions