A survey of SMEs by property and casualty insurance company Chubb has revealed that the majority of cyber incidents that occurred over the past year were mainly due to internal factors, such as business interruption from system malfunction and technical fault (27%), data loss through system malfunction and technical fault (23%), and human error (18%).
“Some SMEs believe they are too small to be targeted by cyber criminals or any internal issues will not greatly impact them. In effect, they think they are 'too small to fail'. However, our own claims data highlights numerous small business compromises and ransomware events that are decimating the cash flow of small businesses,” said Andrew Taylor, cyber underwriting manager, Chubb Asia Pacific.
The Chubb survey — Too Small to Fail? — also reveals that nearly all SMEs are confident in their ability to overcome a cyber incident and, in Australia, 87% of the respondents believe they can overcome an incident, with more than half (56%) believing they can contain an incident within 12 hours.
According to Chubb, this seeming over-confidence is contradicted by other findings, namely:
- Sixty-seven percent believe they are not aware of all the cyber threats they face.
- Thirty percent of SMEs who experienced cyber incidents did not know which data files were affected.
Chubb reveals the survey also uncovered a lack of understanding from SMEs regarding cyber insurance, with 59% of SMEs in Australia not fully understanding the insurance solutions available to them while 62% have never purchased cyber insurance before.
“Clearly, there is a need for more education about the value of cyber insurance,” said Tim Stapleton, senior vice-president, Cyber & Technology, Chubb Overseas General.