Research* from Aviva shows more than 2 in 5 (44%) businesses believe they are unlikely to be a target for cyber crime, with almost a quarter admitting that whilst they are worried they are not sure what to do to protect themselves and 8% haven’t thought about the risk at all.
In fact, just a quarter of businesses (24%) are taking steps to protect themselves from being the victim of a cyber attack despite the Office for National Statistics revealing that there were 2.5million incidents of cyber crime** just between May and August of this year.
When asked which types of cyber crime they had heard of Aviva’s SME Pulse survey found the top answers were 77% phishing, 69% identity theft and 66% hacking. Less than half of businesses surveyed were aware of ransom demands (43%) being made to them by criminals to get information or access back, pharming (46%) where internet users are directed to a bogus website mocked up to look like a genuine one, or cyber attacks that prevent access to a business’ systems (38%) and yet, these are also real threats to online safety.
When asked if they would know what to do if they became a victim of cyber crime more than a third (34%) admitted they didn’t and more than a quarter (27%) were not sure.
Angus Eaton, MD of commercial lines at Aviva, said: “As we know from the media stories recently there have been a number of high profile attacks where business systems have been hacked or systems disabled however it is a mistake to think criminals will only target big business.
“These criminals operate in ever more sophisticated ways using malious codes to search out vulnerabilities online so anyone could become a target. Protecting your business from cyber crime is good business because your customers want the reassurance that their data is safe in your hands. If you haven’t done so already now is the time to put cyber risk on your agenda and take action to help prevent your business becoming a target.”
More than a third of business owners said they had been the victim of cyber crimes such as hacking, phishing and pharming, with three quarters of those businesses estimating the recovery outlay cost their business up to £1,000 – for 6% it was up to £5,000 and for 4% it was up to £10,000. For more than a quarter of those victims of cyber crime the costs related to loss of money and the same figure for the fixing the problem. After that costs were incurred for reputational damage (11%), loss of assets or intellectual property (10%) and payment of ransom demands (7%).
Aviva has put together a list of ways to keep safe online:
- Encrypt your data – this means that only the other computer you are sending information to can decode the message you are sending
- Have a security process in place to promote safe computing in the workplace, so for example, don’t open suspect emails or attachments
- Make sure all data systems have passwords and change them at least quarterly.
- Make sure those passwords are at least 8 characters long and a combination of letters, numbers and symbols and don’t encourage sharing of passwords with anyone.
- Make sure firewalls and antivirus software are all active and up-to-date.
- Back up your data regularly and keep copies away from work premises.
- Make sure you have an incident response plan in place to help you understand what you need to do in the event of a breach/cyber attack – for example, who would you contact and how.
- Vet your service provider’s security procedures to ensure their security systems are secure and update your systems and software regularly.
- Talk to your insurance broker – it might be a good idea to have specific cyber insurance for your business and your broker can help you arrange this.
Aviva offers cyber cover designed for small to mid-market customers to help combat the increasing threat of data and privacy breach they face today. Working with IDT911™***, Aviva’s insurance also offers risk management expert services to help customers prepare in advance for and manage any issues after a data loss or breach.
* Aviva’s SME survey carried out with 1,500 businesses
*** IDT911™ is the leading provider of services that help businesses and their customers defend against data breaches and identity theft. IDT911’s unique approach—delivering proactive protection, preventive education, and swift resolution—offers unrivalled support for more than 660 client partners and 17.5 million households.