Abstract
This article aims to analyse to what extent small and medium sized businesses (SMEs) in the United Kingdom (England, Scotland, Wales and Northern Ireland) utilise cyber risk insurance as a risk mitigation tool in their cyber security management systems. To this end, the authors, by adopting a systematic qualitative analysis, elaborate the nature and scope of cyber risk insurance products on offer for SMEs (the supply side of the cyber insurance market). They then by utilising the data obtained from SMEs randomly but purposively, attempt to gain an understanding of the attitude of SMEs to cyber security generally and to cyber risk insurance. The main conclusion of the article is that the insurance market should consider developing a new cyber risk insurance product that aligns cyber security closely with the principle of indemnity. It is discussed in the article how such a product will enhance SMEs’ cyber security resilience (hence providing a social benefit for the society) and at the same time afford new opportunities for insurance providers to expand the size of their business and variety of their products.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
