A significant proportion of businesses and SMEs have had to cancel their cyber insurance policies to manage the COVID-19 fallout, exposing themselves to cyber threats. COVID-19 has brought cybersecurity into the spotlight, as businesses around the globe have been forced to adopt remote-working practices overnight, also presenting more opportunities for cybercriminals.
According to GlobalData’s 2020 UK SME Insurance Survey, 11.8% of SMEs cited that they had cancelled their cyber insurance policy, while a further 8.6% were considering no longer holding this type of insurance. The main reason for cancelling their policy was to cut down costs, as COVID-19-hit businesses had to prioritise their expenses to stay afloat, chancing being unprotected should fraudsters attack them.
Yet the pandemic has presented more opportunities for cyberattacks as more people work from home, leaving more employers exposed to threats. Limited IT support when working from home, installing software security updates, and using unprotected home networks and own laptops – coupled with a lack of cybersecurity training – have all contributed to a rise in cybercrime. Rejected coronavirus-related claims led a substantial proportion of businesses to cancel their cyber policies, while others deemed that their policies did not provide the cover they expected only after they had made a claim.
Research carried out by broker SJL Insurance Services indicates that 12% of UK businesses targeted by cyber fraudsters had suffered monetary losses during the pandemic. The average loss was £223,516. More individuals became victims of cyberattacks when working from home rather than when working from their business’ office.
Our survey also finds that just over a third (33.7%) of UK SMEs have cyber insurance in place. With an increasing number of businesses set to adopt more flexible working practices in the future than in the pre-pandemic era, and with others set to adopt hybrid work models, there is good scope for growth for cyber insurance. However, providers must ensure that the level of cover taken out by businesses is right for their needs and the cyber risks they face to avoid future disappointment and cancellations.
At the same time, the increase in the number of cyberattacks brought about by the pandemic adds a layer of complexity for insurers. Premiums have increased substantially as insurers try to de-risk. In addition, it is unlikely that premiums will fall any time soon as the threat of the virus remains high, with the potential emergence of new variants that could escape vaccines, ensuring the virtual space remains of utmost importance.