Small and mid-sized enterprises (SMEs) are ideal targets for cyberattacks, according to a new whitepaper from Chubb.
The whitepaper, authored by Chubb with insurtech company CoverHound and cybersecurity firm Symantec, found that smaller businesses shouldn’t think themselves immune to cybercrime.
“While SME owners are aware of cybercrime, they often see themselves as too small to attract such attacks or don’t see themselves as a gateway to large cyber threats,” said Anita Sathe, chief strategy officer at CoverHound. “When it comes to hacking, SMEs’ vulnerability and state of unpreparedness make them a perfect target.”
“Cyber criminals can easily pinpoint SMEs with few cybersecurity measures in place, which makes the risk of a cyberattack too great to ignore,” said Patrick Thielen, senior vice president of Chubb’s financial lines division. “Companies can create their very own cyber risk management programs, but before anything, they need to identify what areas of their internal system are vulnerable to a breach.”
SMEs can take simple steps to help protect against data breaches, the whitepaper said. These steps include:
- Developing and enforcing a formal, written password policy
- Educating employees about cybersecurity vigilance
- Updating IT equipment and monitoring computer networks
- Creating a cyber incident response plan
- Purchasing cyber insurance
“Although SMEs don’t often think they are a target for cyber criminals, according to Symantec’s 2016 Internet Security Threat Report, small businesses now comprise 43% of all spear phishing attacks – up from 18% in 2011,” said Pascal Millaire, Symantec’s vice president for cyber insurance.
Hospital loses $10m to cyberattack, but broker’s recommendation saves the day
The new approach to mitigating cyber risk