UK: Businesses don't believe they are at risk of cyber crime, says Aviva

2 in 5 businesses don’t believe they are at risk and more than a third of businesses would not know what to do if they became the victim of a cyber crime.

  • More than a third of business owners said they had been the victim of cyber crimes like hacking,  phishing and pharming
  • For those who suffered a cyber crime 75% said it cost up to £1,000 to put things right

Research* from Aviva, the UK’s largest commercial insurer, shows more than 2 in 5 (44%) businesses believe they are unlikely to be a target for cyber crime, with almost a quarter (23%) admitting that whilst they are worried they are not sure what to do to protect themselves and 8% haven’t thought about the risk at all.

In fact, just a quarter of businesses (24%) are taking steps to protect themselves from being the victim of a cyber attack despite the Office for National Statistics revealing that there were 2.5million incidents of cyber crime** just between May and August of this year.

When asked which types of cyber crime they had heard of Aviva’s SME Pulse survey found the top answers were 77% phishing, 69% identity theft and 66% hacking. Less than half of businesses surveyed were aware of ransom demands (43%) being made to them by criminals to get  information or access back, pharming (46%) where internet users are directed to a bogus website mocked up to look like a genuine one, or cyber attacks that prevent access to  a business’ systems (38%) and yet, these are also real threats to online safety.

When asked if they would know what to do if they became a victim of cyber crime more than a third (34%) admitted they didn’t and more than a quarter (27%) were not sure.

Angus Eaton, MD of commercial lines at Aviva, said: “As we know from the media stories recently there have been a number of high profile attacks where business systems have been hacked or systems disabled however it is a mistake to think criminals will only target big business.

“These criminals operate in ever more sophisticated ways using malious codes to search out vulnerabilities online so anyone could become a target. Protecting your business from cyber crime is good business because your customers want the reassurance  that their data is safe in your hands. If you haven’t done so already now is the time to put cyber risk on your agenda and take action to help prevent your business becoming a target.”

More than a third of  business owners said they had been the victim of cyber crimes such as hacking, phishing and pharming, with three quarters of those businesses estimating the recovery outlay cost their business up to £1,000 – for 6% it was up to £5,000 and for 4% it was up to £10,000. For more than a quarter of those victims of cyber crime the costs related to loss of money and the same figure for the fixing the problem. After that costs were incurred for reputational damage (11%), loss of assets or intellectual property (10%) and payment of ransom demands (7%).

Aviva has put together a list of ways to keep safe online:

  • Encrypt your data – this means that only the other computer you are sending information to can decode the message you are sending
  • Have a security process in place to promote safe computing in the workplace, so for example, don’t open suspect emails or attachments
  • Make sure all data systems have passwords and change them at least quarterly.
  • Make sure those passwords are at least 8 characters long and a combination of letters, numbers and symbols and don’t encourage sharing of passwords with anyone.
  • Make sure firewalls and antivirus software are all active and up-to-date.
  • Back up your data regularly and keep copies away from work premises.
  • Make sure you have an incident response plan in place to help you understand what you need to do in the event of a breach/cyber attack – for example, who would you contact and how.
  • Vet your service provider’s security procedures to ensure their security systems are secure and update your systems and software regularly.
  • Talk to your insurance broker – it might be a good idea to have specific cyber insurance for your business and your broker can help you arrange this.

Aviva offers cyber cover designed for small to mid-market customers to help combat the increasing threat of data and privacy breach they face today. Working with IDT911™***, Aviva’s insurance also offers risk management expert services to help customers prepare in advance for and manage any issues after a data loss or breach.

For more information speak to your broker or if you don’t have one find one in your area by visiting:

For more information on cyber security visit:


For journalist enquiries:

Sally Richards, 01603 684225

* Aviva’s SME survey carried out with 1,500 businesses

*** IDT911™ is the leading provider of services that help businesses and their customers defend against data breaches and identity theft. IDT911’s unique approach—delivering proactive protection, preventive education, and swift resolution—offers unrivalled support for more than 660 client partners and 17.5 million households.

Notes to editors:

• Aviva provides life insurance, general insurance, health insurance and asset management to 34* million customers, across 16 markets worldwide
• In the UK we are the leading insurer serving one in every four households and have strong businesses in selected markets in Europe, Asia and Canada. Our shares are listed on the London Stock Exchange and we are a member of the FTSE100 index. 
• Aviva’s asset management business, Aviva Investors, provides asset management services to both Aviva and external clients, and currently manages over £245 billion in assets.
• Aviva helps people save for the future and manage the risks of everyday life; we paid out £24.6 billion in benefits and claims in 2014.
• By serving our customers well, we are building a business which is strong and sustainable, which our people are proud to work for, and which makes a positive contribution to society.
• The Aviva media centre at includes company information, images, and a news release archive.
• For an introduction to what we do and how we do it, please click here
• For broadcast-standard video, please visit
• Follow us on twitter:

* Before the deduction of overlapping customers.