SMEs in denial about the cost of a cyber-attack

Three quarters of SMEs have not set aside any budget to deal with the aftermath of a cyber-attack, research from PolicyBee finds.

Only 19 per cent of SMEs have put aside a war chest to deal with the repercussions of a cyber-attack, according to a study by PolicyBee.

Cyber insurance expert Sarah Adams, who commissioned the study for PolicyBee, says, ‘Cyber-attacks are not just an IT problem as they could impact sales, customer relations, reputation and a business’s bottom line, especially if there are legal ramifications or regulator fines.

‘SMEs really need to get past this mental barrier that cyber-attacks can be fixed in the server room; they can’t. It takes a whole business to plan ahead, practise for and react to a cyber issue, if you want to come through it unscathed.’

IT items most budgeted for by SMEs for after an attack are new software, new hardware, hiring an IT expert, and demonstrating the IT focus of most SMEs.

Other items that are much further down the budgeting list include hiring a legal expert, the cost of being sued by a customer for loss of their data, and hiring a public relations or social media expert to manage reputational damage.

The research from PolicyBee also shows that in the event of a cyber-attack, a third of SMEs believe they’ll be able to pass the associated costs onto their third-party IT support/expert.

Adams continues, ‘This raises several very interesting points: it is almost impossible to entirely defend a business against a tenacious cyber-attack, and most IT experts will have wording to that effect built into their contracts.

‘And in the event of an attack, most SMEs will be focussed on getting their business back on its feet – their priority will certainly not be suing their IT firm.’

However, despite 33 per cent of businesses believing they will pass on cyber-attack costs to their IT firm, more positively, over half actually have ‘complete confidence’ in their IT support.

Adams concludes, ‘Cyber-attacks and breaches are pretty costly – the average amount being an eye-watering twenty-six thousand pounds per small business. SMEs really need to step up their preparedness for an attack and have proper systems and importantly budget set aside which will stretch further than just resolving IT problems and help fix the business in its entirety.’

SmallBusiness.co.uk has produced an essential guide to recovering from cybercrime, talking to the businesses that were affected by malware and how they bounced back from the disruption. Read our free guide by clicking here

For more information on how PolicyBee can help your business, please visit the website by clicking here

Ben Lobel

Ben Lobel

Ben Lobel was the editor of SmallBusiness.co.uk from 2010 to 2018. He specialises in writing for start-up and scale-up companies in the areas of finance, marketing and HR.

Related Topics

Cyber Attacks

Leave a comment