’We’ve designed a tool that is easy to understand,’ says head of general insurance policy

The ABI has launched a new cyber safety tool to help small and medium sized enterprises (SMEs) bolster their security against cyber attacks.

In a statement released today (27 September 2023), the association said the interactive tool assesses a firm’s capabilities and weaknesses by asking a small number of questions to the owner.

Following this, it will produce a bespoke set of recommendations to help owners plug any identified gaps.

Its recommendations span company culture and training, password management, software, crisis planning, back-ups and appropriate access.

The tool will also provide guidance on free apps and programmes to use.

Mark Shepherd, the ABI’s head of general insurance policy, said: “We know that cyber security can sometimes fall a long way down the to-do list for today’s busy business owner, so we’ve designed a tool that is easy to understand and will quickly provide business-owners with practical guidance on cyber safety.”

Cost of attacks

This came after the government revealed in its 2023 cyber security breaches survey that cyber attacks were costing businesses an average of £15,300 in losses.

Published earlier this year (13 April 2023), the report also highlighted that across all UK businesses, there were approximately 2.39m instances of cyber crime and as a result, around 49,000 instances of fraud in the last 12 months.

Meanwhile, insurance broker Howden said it had seen a rise of sophisticated cyber claims, such as ransomware and phishing.

According to the broker’s Coming of Age report, which was published earlier this year (10 July 2023), ransomware attacks surged by nearly 50% in the first half of 2023 compared to the same period in 2022.

As a result, the ABI’s new tool has been created using expertise from within the insurance industry and utilises protocols from the National Cyber Security Centre (NCSC).

“The ABI has designed the tool for any interested party to white-label, in order to disseminate good cyber practice as far through the SME ecosystem as possible,” the association added.