Crisis incidents, such as cyber-attacks, extortion, industrial espionage and terrorism, are costing UK SMEs billions of pounds a year. Furthermore, subsequent trading paralysis is putting thousands at risk of collapse in their aftermath.
UK SMEs paid out an average £6,416.50 last year to deal with crisis incidents, according to research by Gallagher, an insurance broking, risk management and consulting services company. This equates to a combined business cost of £8.8bn in 2018 alone.
In a poll of 1,120 UK SMEs, nearly a quarter (24pc) confirmed they were affected by a crisis event last year, equating to 1.4 million across the country – a 5pc increase from 2017. One in six (17pc) SMEs affected by a crisis spent £10,000 or more to combat crises, with nearly one in 10 (9pc) paying out in excess of £20,000.
A quarter of SMEs (23pc) said they would survive for less than a month if rendered unable to trade by a crisis incident. Based on these findings, we estimate that nearly 57,000 UK SMEs could be at risk of collapse this year if unable in the aftermath of a crisis event.
The most prevalent crisis experienced by UK SMEs last year was a cyber-attack, data breach or cyber extortion incident, which accounted for 15pc of all events. Financial services sustained the highest number of attacks by a significant margin. More than a quarter (27pc) of financial services SMEs surveyed were hit by this form of crisis in 2018. Cyber-attacks, data breaches and cyber extortion also represent the areas of greatest concern for companies in 2019. Half (50pc) of UK SMEs are most concerned about a cyber crisis taking place this year. Denial of access and business interruption was the second most concerning area, with one in 10 (11pc) citing this as a major risk.
Comment
Tom Draper, Cyber Practice Leader at Gallagher, said: “The prevalence of cyber-attacks against UK SMEs has reached a tipping point – companies ignore these risks at their own peril. Ransomware has become relatively commonplace and pay outs to demands are often met simply in order to resume trading. Failure to comply can result in a crippling period of business interruption, which in many cases, leads to businesses collapsing.
“Data breaches leading to compromised customer data are also proving a major issue for small businesses. Such incidents are damaging in themselves, due to possible cyber fraud and the significant reputational fallout from having to inform customers of a data breach, but SMEs may also find themselves facing significant fines under GDPR. The best way to survive – and thrive – in the aftermath of a cyber incident is to have planned ahead, to ensure that you are able to respond swiftly to an emerging crisis, and to purchase effective cover through a broker to protect your assets and provide expert counsel in the event of an incident.”
Visit www.ajg.com/uk.
