Why SMEs should be turning to their insurance broker for help in mitigating cyber risk

by Simon Hughes, Cowbell’s SVP, Global Distribution & General Manager UK

Historically, the UK’s awareness of cyber threats has lagged compared to other technologically advanced countries – evidenced by everything from levels of investment in cybersecurity to the level of preparedness reported by businesses.

In 2022, even the UK Government admitted that “serious gaps remain” when it comes to national resilience.

Despite an investment of £2.6 billion in cybersecurity over three years as part of its National Cyber Strategy 2022, the latest statistics speak for themselves: 50% of UK businesses reported some form of cybersecurity breach or attack in the past year, a figure that rises to 70% for medium-sized enterprises.

However, as cyber threats become increasingly sophisticated and frequent, and the growth of cloud storage and reliance on software vendors continues, awareness and preparedness are thankfully starting to change.

Not only has cyber insurance adoption increased of late, with 62% of medium-sized businesses now having some form of coverage, but SMEs are starting to explore a multi-faceted approach that goes beyond financial protection.

Here, businesses turning to their insurance broker for support in managing cyber risk can be a game-changer.

6 ways brokers can help mitigate SME cyber risk:

  1. Improving cyber hygiene practices: One of the most effective ways to mitigate cyber threats is through robust cyber hygiene practices. Insurance brokers can assist SMEs in implementing low-cost, high-impact security measures such as multi-factor authentication (MFA), strong password policies, encryption and regular software updates. For SMEs with limited IT resources, brokers can help identify gaps and recommend the best practical, easy-to-implement solutions. This not only helps in securing insurance coverage, but also strengthens the business’s overall cyber defence.
  1. Employee training and awareness programs: Despite the rise in sophisticated attacks, many cyber incidents begin with simple phishing or social engineering schemes. And with the advancement of AI-generated phishing attacks, it’s becoming even harder for employees to detect them. Brokers can help here by recommending or providing employee training programs that educate teams on recognising cyber threats, understanding third-party software vulnerabilities, and reinforcing best practices like verifying email senders and securing access through MFA.
  1. Incident response plan (IRP): Every SME needs a well-defined incident response plan (IRP) to minimise the damage of a cyberattack. A broker can guide businesses in developing an effective IRP, ensuring they have reliable backup, recovery plans and clear communication strategies in place. This may include providing an IRP template and insights on what it should cover, such as legal considerations, recovery steps, and assigning specific roles within an incident response team.
  1. Leveraging technology: In today’s landscape, many cyber insurance providers offer more than just financial coverage. Brokers can help SMEs tap into advanced services provided by insurers, such as access to cybersecurity consultants, vulnerability assessments and real-time threat intelligence. Some insurers even offer AI-driven risk assessments and APIs that integrate with existing cybersecurity tools, enabling businesses to optimise their security strategies. These resources can help SMEs implement a layered defence strategy and gain access to expert insights that would otherwise be too costly or difficult to obtain.
  1. Ongoing cyber risk assessments: Cybersecurity is not a one-time effort; it requires continuous monitoring and improvement. Brokers can help SMEs conduct regular cyber risk assessments, including vulnerability scans and penetration tests, to identify potential weaknesses before they are exploited. By working with their broker to schedule and analyse these assessments, businesses can stay ahead of emerging threats and address any security gaps proactively.
  1. Vetting vendors and service providers: As more SMEs rely on third-party vendors, ensuring those partners maintain high-security standards is crucial. Brokers can advise businesses on how to vet their vendors’ cybersecurity practices, ensuring they’re not inadvertently introducing new risks into their operations. This might involve guiding SMEs through conversations with their vendors, asking about their data encryption methods, IRPs, and whether they have cyber insurance coverage in place.

For SMEs, managing cyber risk is no longer just about having insurance in place. It’s about a combination of prevention, preparedness, and resilience: elements that cyber insurance brokers are uniquely positioned to help with. After all, practising more robust cyber hygiene methods doesn’t just reduce businesses’ risk, but could also see them benefit from more favourable terms when seeking cyber insurance coverage.
