SMBs don’t see need for cyber insurance since they won’t experience security incidents

Believing they will not encounter cybersecurity incidents, small and midsize businesses (SMBs) do not see a need for cyber insurance. 

Among 39% of SMBs in Singapore that are not considering or remain undecided about getting protection against cyber risks, half say it is because they are unlikely to experience cybersecurity or cybercrime issues. Another 54% say they do not store sensitive or personal data online and, hence, do not see a need for cyber insurance. 

These findings were from a study commissioned by insurer QBE Insurance Group in Singapore and conducted by Creative Way Consultants, which polled 416 decision-makers from local SMBs. The annual survey was carried out last quarter. 

Amid the apparent lack of enthusiasm for cyber insurance, though, 97% said they were aware of potential cyber risks to their business. Some 21% expressed concerns about data protection and security, with 38% admitting to being affected by cyber incidents last year, up from 26% in 2021. 

About 9% of respondents said they operated without any process or insurance against cyber risks, the study found. 

Digital transformation, though, remained of great interest, with 66% of SMBs embarking on digitalisation efforts over the past year. Another 34% said they would continue to invest in digital technologies to reach more customers, while 32% would do so to grow their business and 32% would digitalise for higher productivity. 

With their smaller pockets, it should come as no surprise that 29% of SMBs cited high cost of investment as a barrier in their digitalisation efforts. Some 27% pointed to a lack of financing, while 24% pointed to a lack of digital skills as a barrier. A further 23% saw potential business disruptions as a barrier, while 21% highlighted complexities in digital technologies. 

Another 21% saw the need to ensure data protection and security as a barrier to digital transformation

SMBs are hot targets of cybercrimes in Singapore, where these businesses account for the bulk of victims impacted by ransomware attacks. In particular, SMBs from sectors such as manufacturing and IT accounted for the bulk of reported ransomware cases in 2021. 

According to a study last year by Coleman Parkes, Singapore enterprises had to deal with 54 cybersecurity incidents on average each day, with 39% managing 50 to 200 such incidents a day. Some 62% said they were struggling to keep up with the evolving threat landscape. 

A report from Trend Micro last week estimated that Asia-Pacific experienced the most ransomware attacks last year, with 38.06% of such attacks targeted at the region. Some 18.9% of ransomware victims in Asia-Pacific chose to pay up, compared to the global average of 10% and 11.1% in Europe, which had the lowest ransomware payment rate. 

Of 14 billion threats it blocked in Asia last year, Trend Micro said more than 1 billion were in Singapore alone. Mobile security issues ranked the highest in Asia. 

RELATED COVERAGE

READ MORE HERE