There’s plenty of talk on how small and medium-sized businesses can and should protect themselves from cyber-attacks. However, when it comes to the aftermath of a cyber-attack, things are awkwardly quiet.
This is according to a new report by PolicyBee, which says cyber recovery is not really in the minds of SME owners. This is despite a third of those surveyed saying that they think a cyber-attack is inevitable, with a further quarter believing it is ‘likely’ to happen.
Yet, three quarters (74 per cent) haven’t put aside any budget to deal with the aftermath, and over four in ten (43 per cent) say they will just react if and when an attack happens and have no plans set up. Overall, only fourteen per cent of the SMEs surveyed said they had a detailed and tested plan.
“Large corporates will all have a ‘what if’ plan in place that has been stress tested via a crisis simulation or role play exercise. They will know exactly what to do in the event of a cyber-attack. However, small businesses seem to be chancing their luck and despite expecting to be hacked, aren’t preparing to be prepared,” commented Sarah Adams, cyber insurance expert, who commissioned the study for PolicyBee.
“The difference between a large and small company is that at least in the short term, no single individual will lose their income in a big business - but in a small business, their day to day livelihood could be altered dramatically within a scarily short space of time.”
Image Credit: ESB Professional / Shutterstock