Understanding Cyber Risks

There’s no denying these are challenging times for SMEs. Rising energy costs, staff shortages and pressure from employees for pay increases may make it easy for business owners to take their eye off the issue of cyber risk. There may be a lot of new challenges facing SMEs, but the threat of a cyber incident isn’t going anywhere. In fact, falling victim to a commercial cyber attack now can cause SMEs financial loss, reputational damage and leave them even more vulnerable than they may be already.

Up Arrow

Common beliefs that lead to cyber incidents

It’s more important than ever to stay informed on the latest cyber trends to help protect your business, so let’s examine some common cyber security myths and facts to help keep your enterprise safe from scams and cyber incidents.

Up Arrow

Passwords are enough

It’s understandable that business owners may not have taken the time to keep on top of the latest best practice when it comes to keeping their assets safe in recent years.

Unfortunately, that can mean your internal security is still operating on outdated ideas about cyber security, which can lead to cyber incidents within your business. The idea that protecting your systems with strong passwords is sufficient to keep your business safe from attacks is one of the most common, and most dangerous cyber security myths.

To be clear, passwords alone are not enough to keep your systems and your confidential data safe from cyber related incidents. If you haven’t already, it’s time to implement Multi-Factor Authentication across your business, helping to negate the risk of cyber criminals getting hold of or guessing any employee passwords.

Up Arrow

Smaller businesses are safer from cyber risks

As much as we wish this were true, it’s another cyber security myth. Cyber attacks aren’t something that only happen to large businesses and all SMEs can be targets.

It’s crucial that you keep your cyber security as up to date as possible and your employees are clear on what’s expected from them to help minimise the risks. Cyber criminals are always on the lookout for easy targets with gaps in their security, so it’s important to stay one step ahead wherever you can.

Up Arrow

We only need to think about external cyber threats

When you think about cyber security, it’s easy to think about attackers as external threats lurking beyond your company walls.

This is another common myth that can lead to cyber attacks on your SME. Any processes you have in place to protect your business from external security breaches are great, but you need to channel the same resources into keeping security tight from within.

A staggering 95% of all data breaches are the result of human error1, so it’s vital that your employees receive regular training to keep them up to date with the latest developments in cyber security and privacy regulations and what to look for.

Up Arrow

Cyber security facts

One of the best things you can do to protect your SME from attacks is to separate some of the many myths out there from real cyber security facts. A clear understanding of the threats that face SMEs can help you protect your business.

Up Arrow

Phishing is still the among the most common type of cyber incidents

Cyber criminals may be getting more sophisticated, but phishing emails are still one of the most common forms of cyber attack. Cyber criminals use emails to dupe staff into sharing confidential data, usually by tricking them into opening a malicious link.

Although many workers will be aware of phishing emails, they are becoming more elaborate and more difficult to identify, offering all employees regular training on what to look out for can help to keep them safe from scams in the workplace.

Up Arrow

Remote workers increase the risk of company cyber attacks

If your workforce has evolved to include remote workers since the pandemic, it’s important to understand the range of additional risks employing remote workers presents. One of the biggest threats posed by home workers is that they’re likely to use emails more frequently as they’re not in the office.

This, together with the prevalence of phishing scams means your remote employees may be more at risk of making a poor judgement as they sift through emails and clicking on a risky link.

If an office-based employee receives an email they’re not quite sure about, they have access to colleagues or even the IT department for a second opinion before making a judgement on whether it’s from a genuine source, whereas remote workers need to make these calls independently.

Up Arrow

Cyber liability insurance from Towergate

To give you peace of mind, we can offer cyber insurance that is tailored to your business needs. As well as providing cover in the event of a security breach, we can also provide you with access to a team of experts who will work with you to minimise your loss and the possible damage to your business.

We also give you access to tools and resources to help you stay up-to-date with the evolving risks which will help you to understand your exposure and therefore establish a suitable response plan. For more information visit our cyber liability insurance page or call us on 0330 1235 740.


  1. https://www.dbxuk.com/statistics/cyber-security

Up Arrow

About the author

Alison Wild Bcom Hons MAAT MATT Taxation Technician Commercial Tax Pensions Insurance And Marketing Specialist AuthorAlison Wild BCom (Hons), MAAT, ATT, Taxation Technician is a highly respected industry professional who has been working with and advising SMEs in areas including tax, pensions, insurance and marketing for over 25 years. She is a member of the Association of Accounting Technicians (AAT) and Association of Tax Technicians (AAT) and also has considerable experience as a residential landlord.