Both firms highlighted the increasing risks posed by cybercriminals and emphasised that proactive cybersecurity practices and insurance coverage are critical to protecting SME operations.
SMEs in New Zealand face a growing number of cyber risks similar to those seen in Australia, where frequent cyber incidents underscore the need for enhanced protection.
Marsh noted that the Australian Cyber Security Centre (ACSC) records a cyber incident every 10 minutes, with almost half of those targeting smaller businesses. This trend, while based on Australian data, mirrors the situation in New Zealand, where SMEs are also at risk of significant financial and operational damage from cyberattacks.
Delta Insurance, which recently appointed a public relations partner to manage reputation-related communications for clients managing cyber insurance claims, noted that many SMEs in New Zealand invest minimal amounts in cybersecurity, leaving them vulnerable to significant losses. A small investment in prevention, including cybersecurity measures and insurance, could help mitigate these costs.
Both Marsh and Delta Insurance highlighted several key trends expected to affect the cybersecurity landscape for SMEs in New Zealand throughout 2024.
Around the world, governments are tightening data privacy rules, and New Zealand is no exception.
Compliance with the New Zealand Privacy Act 2020 and other emerging regulations is becoming more critical for businesses of all sizes, with penalties for non-compliance potentially adding to the financial burden of a cyberattack.
A growing threat to SMEs comes from social engineering attacks, particularly business email compromise.
Criminals often manipulate email communications to divert payments or impersonate senior staff. To protect against these schemes, businesses should implement rigorous verification protocols for any financial transactions.
Ransomware continues to be a serious issue, affecting companies across industries.
Marsh warns that ransomware is not exclusive to large corporations – SMEs are also at risk. A ransomware attack can disrupt key operations by locking businesses out of their own data and systems, with recovery often requiring either the payment of a ransom or extensive IT restoration efforts.
Both Marsh and Delta Insurance emphasised the importance of cyber insurance in mitigating the risks of cyberattacks.
Delta Insurance said it offers additional resources alongside insurance coverage, such as cybersecurity training for employees and risk management tools to help businesses strengthen their defences.
Marsh also stressed that cyber insurance should be an integral part of a business’s overall risk management plan, complementing other cybersecurity efforts.