Expert view: Managing SMEs' cyber risk

Information technology (IT) has revolutionised the way small and medium enterprises (SMEs) do business. The vast majority of SMEs now rely on IT infrastructure to deliver crucial aspects of their operation.

SMEs are increasingly aware of the need to manage the risks that accompany their growing cyber dependency. However, while cyber insurance policies are now widely available, it can be challenging for brokers to secure a sale from their SME customers.

While cyber insurance may not be viable for some SMEs, there are still a number of tools and techniques you can use to address customer concerns about cyber risk.

Growing cyber dependency

Zurich’s SME Risk Index found that 97% of SMEs use technology in running their business, and nine out of ten (89%) SMEs view computer equipment as a crucial asset to their business – more important than stock, buildings, other types of machinery, and even their brand name.

When asked where they saw the biggest growth potential in the coming years, SMEs were quick to highlight a number of IT solutions. One in five say that online trading and social media marketing was their biggest opportunity for growth, with mobile technology (18%) and cloud computing (11%) also ranking highly.

A functioning and secure IT infrastructure is therefore of increasing importance for SMEs, with their cyber dependency expected to increase as they continue to integrate more technology into their business models.

“As consumers fully immerse themselves in the digital age, businesses must adapt to meet the changing needs of the market,” says Anne Griffiths, Head of SME Propositions at Zurich.

“When we speak to business owners we are seeing that change, as small companies across the UK are going digital to stay competitive, to keep profitable and to meet the evolving needs of their customers.”

Awareness of the risks

Cyber risk has received a lot of global news coverage following a number of high-profile cyber attacks.

Earlier this year, vehicle hire company MNH Platinum was the victim of a virus that encrypted over 12,000 files on the company network. Criminals decrypted the files, in return for a £3,000 ransom.Examples like this are forcing businesses of all shapes and sizes to wake up to the risks that accompany their growing cyber dependence, and consider ways to manage them.

Encouragingly, SMEs are showing a high level of awareness, with 38% viewing cyber attacks as the greatest technological vulnerability that could harm their business, followed closely by data loss and privacy breaches (37%).

As cyber risk continues to move up SMEs’ agendas, brokers will need to find ways to address these mounting concerns if they are to remain competitive.

“It is encouraging to see the number of small businesses identifying cyber security as a major risk,” says Anne. “But as we learn more about the true dangers of hacking and data breaches, business must do more to educate one another and reduce the risk of cyber crime.” 

Offering risk management advice

In a competitive SME insurance market, where customers place a large focus on price, brokers can differentiate their offering by demonstrating the true value of their brokerage’s expertise.

With many SMEs saying they are unable to afford a cyber insurance policy, offering risk management advice on the topic is an excellent way for brokers to help customers address one of their most pressing concerns.

Brokers can draw on the extensive cyber risk management material available on Zurich’s broker hub – insider.zurich.co.uk – which ranges from a 5 step guide to building cyber resilience, to more in-depth topics such as preventing phishing attacks and managing the risk of employees’ portable devices.

Free benefits to enhance brokers’ offerings

With cyber attacks increasing by roughly 40% each year, according to global security company Symantec, businesses are increasingly looking for affordable means of protecting their business.

In response to this, Zurich’s SME proposition now includes a free Cyber Protection Helpline. This helpline offers customers expert advice if they fear they are victims of a range of IT and cyber-related perils, including:

Cyber crime – fraud, hacking, internet or email abuse, inappropriate use or distributed denial of service (DDoS).

Equipment failure – both accidental or malicious

Theft of confidential data or data loss

Brokers can use this free service, and other benefits exclusively offered to Zurich’s SME customers, to differentiate their offering, increase the competitiveness of their quotations and steer customers’ away from focussing solely on price.

To find out more about Zurich’s enhanced SME proposition, please speak to your local Zurich contact or log in to ZTrade.zurich.co.uk