top of page
Writer's pictureAddept

Do not lose sight of mental health in building cyber crime resilience


A woman looking at a laptop in a florist shop

Neil Huzinga, founder of Vivo Lifestyle Services Ltd (VIVO), shares his thoughts on the challenges and impacts of online crime on the mental health of Micro-SME business owners, and explains why a proactive approach to accessing practical advice and information helps to create greater cyber resilience and reduce the stress and anxiety faced by this most vulnerable business sector.


VIVO is Addept Insurance’s partner in the design, development and distribution of ACTIVCYBER®, a unique cyber assistance service designed specifically to support micro and small SME businesses of up to 10 employees to ensure their cyber security and deal with a cyber breach or crime.


The eye of a cyber storm

Micro-SME business owners are at the centre of a perfect storm when it comes to online scams and fraud. The lack of understanding around their exposures, limited knowledge of and investment in online security and resilience, and the absence of relevant and affordable insurance cover, have all contributed to Micro-SMEs being a target for online criminals.

 

Alongside the clear financial impacts, there is a less obvious challenge facing Micro-SME business owners; one that has more of an effect on their future ability to trade than financial losses and that’s dealing with the mental health impact of being the victim of a phishing attack, scam, or fraud.

 

Weaknesses creating gaps

The Covid pandemic lockdowns led to a marked change in the online behaviour of Micro-SMEs and their owners. The migration to online sales, marketing and payments services was a lifeline to customers and businesses alike and provided the opportunity for some individuals to fulfil an ambition to change course and become a business owner themselves.

 

But this shift online also correlated with a significant uplift in reports of online crime. In the years leading up to the pandemic, data from the Office of National Statistics’ annual Crime Statistics for England & Wales showed a marked decline in attacks affecting individuals as general awareness increased and institutions tightened up procedures and processes.[1] This trend changed with the behavioural changes driven by lockdowns and the criminals were there waiting.


 

A infographic showing the movement in different crime types

Source: Office of National Statistics, Crime in England and Wales: year ending December 2023


As the large corporate entities focused on their cyber security, the criminals turned their attention to much lower hanging fruit. They knew what was going to happen as huge numbers of people and businesses moved online for the first time with the inevitable gaps and weaknesses in understanding and knowledge of the actions needed to protect their business online.

 

When it comes to online activity and the approach to cyber security, Micro-SMEs behave in many similar ways to consumers. That includes the understanding of cyber-related risks, adopting protection strategies, and attitudes to buying cyber insurance coverage. According to data from the Department for Science, Innovation and Technology, in 2023 only 6% of Micro-SMEs and 11% of small businesses had a specific cyber security insurance policy in place. [2]


Blurred lines

Many Micro-SME business owners are still unaware or even complacent about their exposures and the risks they face without a more resilient approach to online crime. This is further compounded by the blurring of the lines between the personal and the business with many Micro-SME owners using the same devices for all their online activity whether it’s business sales and inventory or the running of the family finances. An attack that brings down that one laptop will have a significant impact on the well-being of the whole family as well as the business.

 

This is another factor not covered by many commercially-available cyber insurance policies further emphasising how they are not geared towards these kinds of businesses. Micro-SMEs are in the middle of the cyber tornado with limited protection. No wonder it’s stressful.


Percentage of organisations that have insurance against cyber security risks

A bar chart showing levels of cyber insurance in UK businesses

Source: Department for Science, Innovation and Technology, Cyber security breaches survey 2023 - Published 19 April 2023

 

Beyond the financial impact

Being in the right place at the right time is the modus operandi of the cybercriminal. Exploiting weaknesses and vulnerabilities and catching victims off guard when they’re distracted. Of course, there is usually a clear financial element to every scam and fraud but, perhaps, the most devastating element of the crime is the impact on the victim’s mental health after being taken advantage of. Many victims talk about feeling embarrassed or ashamed of being tricked, or their surprise and anger at falling for the scam and blaming themselves for not doing more to protect themselves. The emotional and psychological impact of cyber related crime can lead to anxiety, panic attacks, depression, and post-traumatic stress disorder. So, when it comes down to it, it’s not actually all about the money. It’s about the emotions and feelings you are left with afterwards that have deepest impact.

 

It will now be even less about the financial impact with a recent change in the Financial Services and Markets Act. Prior to October 2024, banks were not required to return funds taken where the customer had authorised payments such as those part of a Royal Mail courier style scam where they made a payment having been asked to pay a fee for a parcel to be delivered. According to the latest annual fraud report from UK Finance, the refund rate for this kind of fraud in 2023 was 62%. For unauthorised fraud, where you find funds have been taken from your account without your knowledge, the rate was 98%. [3]


The law change means banks are obliged to refund stolen funds by the end of the next business day, regardless of how their personal and Micro-SME customers were scammed. This is a welcome levelling up of the playing field when it comes to bank customers recovering money taken by the fraudster. This change and the protection that some Micro-SMEs have from a cyber insurance policy, will create greater certainty around recovering financial losses. What these factors do not address is the need to support business owners, helping them to recover from the mental and emotional impacts of what has happened to them.

 

Groups including Mental Health UK, and the Money and Mental Health Policy Institute point to the major negative mental health impact and increased risk of further cyber attacks, because of online scams.

 

The evidence, data, and experiences of business owners all point to the importance of looking beyond the financial impacts and recognising the importance of supporting mental health.


“Creating greater resilience in Micro-SME businesses helps to reduce online crime and relieve the real stress, anxiety and concerns of the hard-working owners.”

Helping businesses get back on their feet after an attack needs fast practical action to mitigate losses. Being able to access technical support to recover data and unlock devices quickly is crucial. Removing the stress of being unable to trade or notify customers of delays, or addressing the real concerns around what family or personal data a scammer is able to access and how they might use it is in no small part about taking action fast with the right technical support to deal with the problems that arise.    

 

But recognising the impact of online scams and fraud on mental health isn’t just about support once the crime has taken place.

 

Access to practical advice and information to help business owners better understand the risks, creating greater resilience, and better planning all help to empower Micro-SME business owners to be better able to identify potential risk exposures before they lead to losses.

 

Also, a better prepared and resilient Micro-SME business sector is, arguably, a lower risk and could or should be a motivator to cyber insurers to look at creating more relevant and cost-effective products or, for some growing small businesses, act as the gateway into commercial cyber insurance.

 

Creating greater resilience in Micro-SME businesses helps to reduce online crime and relieve the real stress, anxiety and concerns of the hard-working owners who have invested their professional and family life in realising their dream.






To find out more about ACTIVCYBER® please visit our website

4 views0 comments

Recent Posts

See All

Opmerkingen


bottom of page