A recent cyber-attack phenomenon has seen hackers use the fear and uncertainty surrounding coronavirus to trick staff into letting them into their systems. A phishing email pertaining to be from the World Health Organization attempts to make staff open malicious attachments or reveal sensitive information.

According to our 2019 UK SME Insurance Survey, under one in four (22.4%) SMEs with cyber insurance report to be covered for human error. Given that the penetration rate of cyber insurance for SMEs in 2019 was 34.6%, the majority of SMEs in the UK are leaving themselves vulnerable to attacks of this type.

Go deeper with GlobalData

Data Insights

The gold standard of business intelligence.

Find out more

 

 

Source: GlobalData’s 2019 UK SME Insurance Survey

 

One way of combating this is with preventative measures. Some cyber insurers focus on preventing attacks to reduce payouts and avoid lasting damage for companies. A key form of this is in training staff, especially in how to spot phishing emails, to make sure they are not letting hackers into their systems. A slightly lower proportion of SMEs have this included in their existing policies, at 17.7% in 2019. Preventative policies are more expensive but are arguably worth the risk to avoid disruption, and news stories such as this are likely to increase interest in them. The percentage of SMEs that do not have cyber insurance but would be interested in it is slightly higher than the existing numbers for both categories. This suggests that both have growth potential, though it is still under one in four (23.9%) for human error and one in five for staff training (18.6%).

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Total losses from Coronavirus-related cyber-attacks in February 2020 alone were estimated by the police to be over £800,000 from 21 separate cases in the UK. The phishing attacks have either claimed to have an attached list of people with the virus or have even asked the victim to make a bitcoin payment for it.

The issue for companies, and consequently insurers, is that there are so many different elements to a cyber-attack that even a comprehensive policy is unlikely to cover all risks or losses. Potential claims categories such as reputational damage, physical damage, ransom payments, business interruption, data breaches, and phishing would be included in human error.

Human error will be the cheaper category to be covered against, and this is likely why it is more popular. However, as high-profile cyber-attacks continue to emerge, and hackers even prey on topical fears, having a properly trained workforce may be the safest option for businesses.