Small- and medium-sized enterprises (SMEs) are increasingly concerned about the risks posed by cybercrime, according to
Zurich Insurance Group’s fourth annual global SME survey.
The survey, which polled 2,600 C-suite executives and managers at SMEs across 13 countries in Europe, the Americas, and Asia Pacific, revealed that only 10% of SMEs believed that they were too small to be targeted by cybercriminals, a drop from last year’s 17%.
Zurich has also found that the cybercrime risks SMEs feared the most were theft of customer data (27%) and reputational damage (20%). Theft of money/savings (15%), business interruption (15%), and malicious identity appropriation (12%), meanwhile, were risks seen as potentially being the most harmful consequences of cybercrime.
Elsewhere, the survey showed that the fastest-growing cybercrime concerns among SMEs were reputational damage and theft of money/savings, both increasing 4% each, to 20% and 15% respectively as compared to 2015 findings.
There has also been a weakening in the confidence of SMEs in IT systems and cybercrime protection, the survey showed. The percentage of SMEs that thought their business was sufficiently protected by up-to-date software dropped from 8% in 2015 to 5%.
Lori Bailey, global head of special lines at Zurich, commented that while risk awareness has grown, the vast majority of SMEs do not have the appropriate cybercrime protection measures in place.
“The dramatic technological transformations that are happening to enterprises, infrastructures, and systems globally are resetting the traditional expectations of risk management and its approaches across companies of all sizes,” she said.
SMEs in Asia Pacific were found to be the most concerned about potential reputational damage, with 32% of respondents identifying it as the main potential cyber-related risk to their business. The same percentage of SMEs were worried about potential theft of their customers’ data, Zurich said.
In addition, Zurich noted that SMEs in the region who were concerned about theft of money/savings, malicious use of identity, and business disruption more than doubled this year as compared to last year’s survey.
Related stories:
Cyber attack: ignorance and inaction are no defence
Brokers can profit from ‘underestimated’ risk
Australia’s first ambassador for cyber affairs appointed
ASX top 100 to undergo cyber health check