One In 10 SMEs Have Suffered From A Data HackOnly 25% are very confident in their security measures
Research by Hiscox; specialists in small business insurance [http://www.hiscox.co.uk/business-insurance ], has found that one in ten (10%)* small businesses in the UK have experienced a data hack. The research also revealed that 90% don't have a cyber crime insurance policy in place to protect them against the financial, business interruption and legal costs they would incur should they be struck by cyber crime.
Hiscox found that while four in ten (41%) SME owners are concerned about their computer systems being hacked, only 25% are very confident about the security measures their company has in place to protect against these risks. The research also shows that small business owners are more concerned about risks relating to cyber crime, such as being hacked (39%) or phishing (36%), than they are of physical items (laptops, customer paperwork) being stolen from the office (31%).
Hiscox SME insurance expert, Alan Thomas, comments: "Cyber crime is costing the UK economy around GBP11bn a year** and while the media is reporting a growing number of high profile data breaches, some small businesses may also be a popular target for hackers because their systems are usually easier to get into and the breach may not be found out for a good few weeks."
"We know that cyber crime insurance policies might be the last thing on an entrepreneurs' mind when they are trying to drive their business forward on a day to day basis, but it is worrying that over one in ten (13%) of these businesses don't know what security measures they have in place and if they are protected from online crime", Thomas says. "It is increasingly important for small companies to evaluate all the risks their businesses face, both online and offline, and include their IT security and protection requirements in the overall contingency strategy."
Hiscox offers the following security tips to help SMEs protect themselves against online risks:
- Running an enterprise is a full-time activity and if you do not have
online technical expertise seeking professional advice on security can save you time
and hassle in the long run by ensuring the security measures cover your business needs
- Protect information with an internal 'need-to-know' policy. If storing
information on a central file server, manage who has access to these files. This can
help prevent accidental or deliberate data loss
- Encrypt important information for extra security so that only authorised users
will be able to access it
- Using the internet and email to conduct business means that data loss becomes
a bigger risk. Develop a clear email policy and raise online security awareness with
employees and follow up on suspicious emails even if they're a one off
- Make it protocol across the business for employees to use numbers and letters
in passwords that provide much more robust protection from online criminals, if you
are handling client data, you will need to ensure you possess a professional indemnity
- Back up your files and check your insurance cover so that you can get
your business up and running again quickly in the event of an incident
- Items like laptops and computer monitors are common targets for thieves and
the real cost of a stolen IT asset isn't just the hardware; it's the lost data and
the lost productivity. Lock servers in a room and move laptops into a secure drawer
at the end of a working day.
Notes to editors
* The Survey Shop interviewed a sample of 300 UK SMEs drawn at random from online panels of small businesses with fewer than ten employees between 14 and 17th May 2012. The respondents were qualified as owners, partners and directors.
The research has statistical accuracy of +/- 2% to +/- 4% for the whole sample at 95% confidence.
** A Ministry of Defence-initiated report [http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf ] (PDF) containing the GBP11.6bn estimate (all figures converted from dollars) was prepared in June 2012.
Hiscox, headquartered in Bermuda, is an international specialist insurance group listed on the London Stock Exchange (LSE:HSX). There are three main underwriting parts of the Group - Hiscox London Market, Hiscox UK and Europe and Hiscox International. Hiscox London Market underwrites mainly internationally traded business in the London Market - generally large or complex business which needs to be shared with other insurers or needs the international licences of Lloyd's.
Hiscox UK and Hiscox Europe offer a range of specialist insurance for professionals and business customers, as well as high net worth individuals.
Hiscox International includes operations in Bermuda, Guernsey and USA.
For further information, visit http://www.hiscox.com.