[Skip to content]

Sign up for our daily newsletter
The Actuary The magazine of the Institute & Faculty of Actuaries

SMEs not convinced by the perils of cyber risk

Two in five small businesses do not believe they are at risk of a cyber crime but anyone “could become a target”, according to a survey carried out by Aviva


A pile of credit cards with a fish hook on a computer keyboard © Shutterstock
Most businesses are familiar with some of the common types of cyber crime such as identity theft. © Shutterstock

Based on a poll of 1,500 companies, almost a quarter (23%) admitted to not knowing what to do to protect themselves in the event of an attack, and 8% had not thought about the risk at all.

When asked which types of cyber crime respondents were aware of, 77% cited phishing, 69% were familiar with identity theft and 66% had heard of hacking.

Other responses included ransom demands as cited by 43% of companies, followed by pharming (46%) where internet users are directed to a bogus website mocked up to look like a genuine one. 

Angus Eaton, managing director of commercial lines at Aviva, said it was a “mistake” to think criminals would only target big businesses.

“These criminals operate in ever more sophisticated ways using malicious codes to search out vulnerabilities online so anyone could become a target,” he said.

More than a third of business owners said they had been the victim of cyber crimes such as hacking, phishing and pharming, with 75% of those estimating the cost of recovery to be up to £1,000. 

For 6% of victims it cost up to £5,000 to remedy the damage and a further 4% estimated the cost of recovery to be up to £10,000. 

The survey also reported these costs related to loss of money, fixing the issue, reputational damage, loss of assets or intellectual property and payment of ransom demands.