The lack of strong encryption and security in SMBs in the UK has led to an increase in the number of policies covering cyber breaches, claims British insurance provider CFC Underwriting, who announced handling some 400 claims for privacy breaches alone in 2016.
According to CFC Underwriting figures, approximately 90 percent of businesses affected reported revenues of under £50 million “largely down to the fact that on the whole, UK businesses have a lower level of security maturity than their US counterparts,” said Graham Newman, Chief Innovation Officer.
For example, while policies in the US cover around £80m, in the UK the highest cover is for £25m, according to Paul Delbridge, partner at PWC.
“Not investing in your cyber-defenses is very risky because if there’s a material breach it becomes a very public event and often the PR fallout is such that the business never really recovers,” Delbridge said.
The most-filed claims were for privacy breach (31%), financial loss (22%) and ransomware (16%). With cybersecurity turning into a fundamental aspect of a company’s strategy, insurance companies have expanded their offering by adding security, data forensics and PR services, Newman explained.
To protect companies, especially those in the financial services industry, British lawmakers urge intelligence agencies to collaborate with regulators in the fight against cyber criminals.
“It is essential that the intelligence community gives the regulators the technical and practical support they need to do their job. This means making sure that financial cybercrime has a high priority, and is not subordinate to other work,” said Andrew Tyrie from the British Conservative Party. “Failure to do so would inhibit the ability of financial institutions to maintain an adequate level of protection for millions of consumers.”