Zurich (Nov. 24, 2016) – 2016 The risks posed by cyber crime are a fast-growing concern for small and medium-sized enterprises (SMEs), according to Zurich Insurance Group’s (Zurich) fourth annual global SME survey. Just 10% of SMEs said that they were too small to be at risk of falling victim to cyber crime, compared with 17% of those that thought that they were too insignificant to attract the attention of cyber criminals in 2015.
The survey, which polled 2,600 C-suite executives and managers at SMEs across 13 countries in Europe, the Americas and Asia Pacific, revealed that theft of customer data (27%) and reputational damage (20%) are the consequences of cyber crime impacts that they fear the most.
Additional risks such as theft of money/savings (15%), business disruption (15%) and malicious identity appropriation (12%) are seen as potentially being the most harmful consequences of cyber crime.
The two fastest-growing cyber crime concerns were reputational damage and theft of money/savings. Both rose 4% each, to 20% and 15%, respectively, compared with the results of the 2015 survey.
SMEs’ confidence in IT systems and cyber crime protection have weakened. The percentage of SMEs that view their business as sufficiently protected by up-to-date software fell to less than 5% from 8% in the past survey.
Lori Bailey, Global Head of Special Lines at Zurich, commented: “With the number of high profile cyber security breaches in the media over the last year, it is not surprising that the risk awareness amongst SMEs has grown significantly, yet alarming that the vast majority of SMEs do not have the appropriate cybercrime protection measures in place.
The dramatic technological transformations that are happening to enterprises, infrastructures and systems globally are resetting the traditional expectations of risk management and its approaches across companies of all sizes. At Zurich, we continue to invest in identifying risks and delivering tailored solutions to address the needs of all our customers, but to effectively tackle cyber crime and improve business resilience, further joint efforts will be needed between governments, service providers and businesses.”
The latest survey also revealed significant regional differences in attitudes to cyber crime risks and their impacts.
European SMEs’ fears reflect global trends
In Europe, the potential harm to reputation as a consequence of a cyber attack as the main worry has risen to third place on the list of concerns, up from sixth in 2015. 16% of European SMEs identified this as a concern. Their leading concerns are theft of customer data and reputation damage (26% and 16% respectively), in line with the global trend. In addition, 17% of SMEs in Europe are also worried about business disruption that could result from a cyber attack
U.S. businesses most concerned about cyber theft
Cyber theft of information and earnings dominated U.S. SMEs’ concerns. Small companies in particular dread the theft of customer data (23%), and money/savings (21%). While concerns over reputation damage as a result of cyber crime increased from 10% to 15%, of the regions surveyed, SMEs in the U.S. still remain the least concerned about this issue. At the same time, worries over malicious use of identity dropped from 16% to 12% year-on-year.
SMEs in Latin America lack awareness about cyber risk
In keeping with global trends, concerns about reputational damage related to cyber crime are on the rise in Latin America, up to 23% from 19% in 2015. Interestingly, the survey revealed that the fastest-growing concern in that region is related to the potential risk of third-party lawsuits related to cyber crime, which tripled year-on-year (6% in 2016 vs 2% in 2015). One reason for concern is that 6% of enterprises still believe they have fully-functioning cyber protection measures in place, but the percentage of those that think this way nearly halved compared with 2016. Still 10% of Latin American SMEs haven’t thought about cyber risk and currently have no opinion on it, according to the survey.
Cyber crime awareness on the rise in APAC
SMEs in the Asia Pacific region (APAC) are the most worried about potential reputational damage – 32% named it as the main potential risk to their business related to cyber crime. The same percentage of SMEs are worried about potential theft of their customers’ data. It is remarkable to note that SMEs in APAC surveyed showed a more than doubling in 2016 from 2015 when it comes to concern about theft of money/savings, malicious use of identity and business disruption. In 2016, 10% of SMEs in the region believed they were too small to become a target of a hacker attack. But those SMEs thinking this way have more than halved compared to 23% in 2015.
Zurich’s fourth annual SME survey was carried out by the global research company GfK. The leaders of 2,600 small and medium sized enterprises (0 to 250 full-time employees) around the world were asked questions on the cyber crime related risks facing their businesses. A representative sample of 200 CEO/owners, general managers, CFO/treasurers and COO/head of operations from each of the following 13 countries were included: Australia, Austria, Brazil, Germany, Hong Kong, Ireland, Italy, Mexico, Portugal, Spain, Switzerland, Turkey and the U.S.
Zurich Insurance Group is a leading multi-line insurer that serves its customers in global and local markets. With around 55,000 employees, it provides a wide range of general insurance and life insurance products and services. Zurich’s customers include individuals, small businesses, and mid-sized and large companies, including multinational corporations, in more than 170 countries. The Group is headquartered in Zurich, Switzerland, where it was founded in 1872. The holding company, Zurich Insurance Group Ltd (ZURN), is listed on the SIX Swiss Exchange and has a level I American Depositary Receipt (ZURVY) program, which is traded over-the-counter on OTCQX. Further information about Zurich is available at www.zurich.com.
SOURCE: Zurich Insurance Group