Although many SMEs believe that they are not interesting to be hacked, criminals think differently. Of all cyber attacks on companies, 64% are SMEs, resulting in, among other things, a business interruption, loss of reputation, economic costs and / or a fine or legal action. Moreover, 60% of the affected companies that did not take out cyber insurance are out of business within six months of a cyber incident . ” Israeli cyber security specialist Avi Bartov, director of the specialized cyber security company GamaSec, said this Thursday in a presentation during the annual relationship day that CNA Hardy organized for 60 relations from the insurance industry.

According to Bartov, SMEs are, in the eyes of the average hacker, a grateful, ideal and easy target. Not least because international research shows that a majority of all SMEs indicate that insufficient staff (74%) and too little budget / money (55%) are cited as the reason why IT security is not in order to reduce cyber risks adequately. Other frequently cited reasons for this are no idea how to adequately combat cyber attacks (47%), insufficient use of cyber security technology (38%), lack of knowledge and experience in this area in-house (37%) and that cyber security is not a priority has (23%). No fewer than 75% of employees who leave a company leave their computers unsecured.

Increase in cyber attacks and costs

And that, according to Bartov, today, cyber crime is no longer indispensable in society and that it is unlikely that this will change in the short term. “The number of cyber attacks is therefore increasing and in the meantime 67% of the companies have already experienced a cyber attack in the past 12 months and 58% a data breach. That risk is therefore considerably higher than the number of companies that were confronted with a fire in the same period (28% of all SMEs), with a theft case (7%), a flood (5%) or a major transport strike or large-scale road closure around the location (2%). Proactive security measures against cyber crime are therefore more important than a good lock on the front door of a company. "

According to Bartov, the consequences of a hack or other cyber incident can be drastic. "For example in the form of a business interruption, loss of reputation, economic costs and / or a fine or a legal case." With regard to the financial consequences, he made a distinction between the directly visible costs and the costs 'below the surface of the water'. According to him, the first category includes direct costs for solving data breaches, PR and communication costs, fines, lawyer costs and necessary improvements to the company's cyber security. As 'invisible costs', he mentions, among other things, an increase in insurance costs, the higher costs of raising borrowed capital, disruption of the operational course of events, loss of customer relationships, contract value,

Other outcomes

In his presentation, the Israeli cyber security specialist said that in 81% of the cases cyber crime is the basis for a hack, followed by (cyber) espionage (10.3%), cyber war (5.2%) or (political) (h) activism ( 3.4%). Among the affected companies are mainly the smaller SMEs (turnover