Small businesses underestimating their vulnerability to cyber risks – survey

Some believe they are too small to be targeted by cyber criminals

Small businesses underestimating their vulnerability to cyber risks – survey

Cyber

By Mika Pangilinan

Small businesses may be underestimating their vulnerability to cyber attacks, a recent poll by the Insurance Bureau of Canada (IBC) has found.

 The survey found that over 60% of small businesses believe their establishments are too small to be targeted by such attacks. This number climbed to 73% among sole proprietors, indicating that common perceptions contrast starkly with the reality of escalating cyber threats, according to IBC.

A growing number of small business employees also voiced their unease about the cybersecurity practices within their organizations, with 25% stating that they feel ill-equipped to identify potential cyber threats at work due to inadequate tools and training.

 Moreover, 22% of employees expressed concern that their actions might inadvertently contribute to a cyber attack or data breach, while 10% admitted to sharing confidential information with publicly available chatbots or artificial intelligence (AI) platforms.

 Despite almost 40% of small business employees reporting an increase in scam attempts over the past year, business owners still seemed hesitant to invest in cyber protection. 

 According to IBC, 69% of respondents did not consider cybersecurity a financial priority, and only 20% indicated their intention to purchase cyber insurance within the next year. Additionally, 17% doubted their eligibility for cyber insurance coverage.

 Liam McGuinty, vice president of strategy at IBC, commented on the survey’s findings, emphasizing that small and medium-sized businesses are not immune to the many risks emerging in today’s cyber landscape.

“All businesses, but especially those that rely heavily on an online presence and use e-commerce, should consider contacting their insurance representative to help find ways to manage their cyber risk,” said McGuinty. “However, cyber insurance is just one component of an overall cyber risk mitigation strategy – it is not a replacement for cyber resilience.”

Both employers and staff play an essential role in developing a robust cyber approach, he said further, adding that “regular staff training is a critical component in reducing risk.”

 As part of Cyber Security Awareness Month this October, IBC has introduced a self-assessment tool to educate business owners about the essential steps most cyber insurers expect businesses to take to minimize risks.

IBC’s Cyber Savvy Assessment can be accessed until October 31, along with other resources on proactive measures to reduce their cyber risk.

 What are your thoughts on this story? Feel free to comment below. 

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!