Small- and medium-sized enterprises (SMEs) are increasingly worried about cyber security, the Singapore Business Federation and London market cyber insurer Beazley have reported.
The two partnered for a survey asking how Singaporean SMEs are dealing with this growing risk, along with the role that cyber insurance can play.
Only 40% of 76 responding SMEs had confidence that they are adequately protected, according to the “Survey on the Perception of Cyber Security Risk”, conducted between October and November.
Demand for cyber covers has been low in the Southeast Asian re/insurance hub, while Beazley, among other London market and European players active in the region, has focused its efforts in North America and Europe.
Some 75% of SMEs said that cyber security has increased in importance for their business over the last three years; none said that the importance of cyber security had decreased over the period.
The next two years will bring increased importance for cyber risk among SMEs’ overall risk profile, according to 81% of those Singaporean firms that responded.
A quarter reported that they have experienced an attempted or actual data breach or cyber-attack in the last 12 months, and nearly a fifth were unsure if they had.
Protecting their reputation and ensuring data and information is not compromised were the two most important concerns to SMEs, both related to cyber security. These were ranked higher than protecting revenues and securing new customers.
Cyber risk was conspicuous by its relative absence from discussions at last month’s East Asian Insurance Congress (EAIC) event in Macau, Reactions reported, including for Beazley, which underwrites within the Lloyd's Asia hub in Singapore.
Not because it is not a major risk for large cedants, but because in Asia the risk remains so under-reported, underinsured, and with little in the way of legislation or litigation pushing it up the risk list.
Beazley remains the biggest underwriter of cyber covers at Lloyd’s, but its cyber risk wares are absent in Asia.
“You can’t just pick up a product and put it in Asia,” said Gavin Hayes, head of Asia Pacific at Beazley, who noted that while risk remains hidden from view in the region, the number of attacks has risen, particularly on Asian banks.
It is a similar story at Tokio Marine Kiln (TMK), which has made a focus out of reputational harm covers in London, and has likewise focused on underwriting other lines in Singapore.
“Everything we offer in London we offer here – except cyber. For cyber, a lot of people are trying to sell it, but it’s still in its infancy,” said Alex Dugand, regional underwriting director for TMK based in Singapore.
Beazley’s new survey revealed that anti-virus software was the most common measure employed by companies to help manage cyber security risks, with 88% of respondents having this type of protection.
Some 63% of respondents said their company has a plan of action for responding to a loss of data and have conducted staff training on the subject respectively.
A slight majority (56%) of companies reported that they had spent less than $20,000 on cyber security in 2015 whilst only 8% had spent more than $50,000.
However, 63% of companies said they expect to increase their budget for cyber security in 2017.
Respondents said that they were most likely go to IT professionals for more information on how to protect their company against cyber security risks (57% for both IT consultants and their own IT department). The next most likely sources stated were internet search engines and regulators (both 39%).