If a company has a limited resource pool to draw from, it can be tempting to solely concentrate on protecting against the more traditional and visible risks to the business. It is often only when a cyber incident occurs that a business realises its insurance cover, if any, is inadequate. It is worth highlighting that the General Data Protection Regulation imposes the same responsibility on all businesses that handle personal data, irrespective of size.
Because of this, cyber insurance is expected to become a standard part of all business expense in the next five years.
This article highlights some of the emerging cyber risks relevant to smaller businesses and why SMEs should urgently consider whether their current cybersecurity arrangements are sufficient.