There are a handful of simple measures that SME business owners can implement to limit their exposure to a cyber attack.

After first ensuring that antivirus and other security software is up-to-date, Chubb recommends the following Cyber risk mitigation steps:



  1. Develop a strong password policy

    Develop and enforce a strong password policy with a mix of letters, numbers, and symbols that are frequently changed.
    One of the easiest ways for cyber criminals to access SME assets is by walking through the virtual “open door” that employees provide when using weak passwords. To correct that situation, it’s a good idea for SMEs to establish a written password policy requiring strong passwords (e.g., a mix of letters, numbers and symbols) that are frequently changed. Passwords should also be changed automatically or accounts marked inactive when employees leave the company.
  2. Train your staff on cyber security

    Conduct regular training for employees about how to be cyber aware.
    SMEs should inform employees of the role they play in preventing a cyber breach. It’s all too easy for malicious software to hitch a ride into the company server when company laptops or other devices are used off-site and later connected to the internal network.

    The best ways to establish positive and secure habits within your company’s workforce is with regularly scheduled training and education.

    You should also restrict access to sensitive information by only allowing management or those who require that information for company operations, to have access.
  3. Update IT equipment and deploy security software

    Even basic security offerings feature similar technology to those used by major companies.
    Outdated operating systems and computers can be a risk because they are vulnerable to more sophisticated hacking techniques and newer forms of malware. At the same time, it’s important for SMEs to monitor those who have legitimate access to their computer network, as well as to monitor the network itself. Although SMEs do not typically have information security experts within their organisation, they can access basic downloadable software offerings that deploy some of the same technology solutions used by major companies within minutes.
  4. Create a Cyber Incident Response Plan

    A dedicated and prepared team of cyber responders consisting of both employees and outside service providers can work toward a resolution for certain cyber incidents more quickly.
  5. Purchase Cyber Insurance

    In addition to the above steps, SMEs can more fully cover their assets and cash flow by purchasing cyber insurance.


    The cost of insurance will almost always be far less than the cost of shutting down a business in the wake of one or more cyberattacks. And cyber insurance, such as Chubb Cyber ERM can be pre-packaged with some of the services mentioned above.
Learn More: Chubb Business Insurance
Explore how Chubb can help protect your business.
Explore how Chubb can help protect your business.

This content is brought to you by Chubb Insurance Australia Limited (“Chubb”) as a convenience to readers and is not intended to constitute advice (professional or otherwise) or recommendations upon which a reader may rely. Any references to insurance cover are general in nature only and may not suit your particular circumstances. Chubb does not take into account your personal objectives, financial situation or needs and any insurance cover referred to is subject to the terms, conditions and exclusions set out in the relevant policy wording. Please obtain and read carefully the relevant insurance policy before deciding to acquire any insurance product. A policy wording can be obtained at www.chubb.com/au, through your broker or by contacting any of the Chubb offices. Chubb makes no warranty or guarantee about the accuracy, completeness, or adequacy of the content. Readers relying on any content do so at their own risk. It is the responsibility of the reader to evaluate the quality and accuracy of the content. Reference in this content (if any) to any specific commercial product, process, or service, and links from this content to other third party websites, do not constitute or imply an endorsement or recommendation by Chubb and shall not be used for advertising or service/product endorsement purposes. ©2020 Chubb Insurance Australia Limited ABN: 23 001 642 020 AFSL: 239687. Chubb®, its logos, and Chubb.Insured.SM are protected trademarks of Chubb.

Have questions?

Contact a broker today.

Insights & Resources

We keep you informed – and your business protected – with these helpful articles.

Risk Management
7 Slipping Hazards Lurking In Your Office
When we head to work each day, a slip-and fall-accident is probably the last thing on our minds—but, in fact, they are much more common tha
Risk Management
What Businesses Should Know About Water Damage
Whether it’s from a leaky hot water system or a flood, did you know that, according to Chubb claims data, your office is more likely to hav