{"id":35998,"date":"2026-05-14T08:36:11","date_gmt":"2026-05-14T08:36:11","guid":{"rendered":"https:\/\/www.europesays.com\/britain\/35998\/"},"modified":"2026-05-14T08:36:11","modified_gmt":"2026-05-14T08:36:11","slug":"uk-smes-better-at-email-security-than-north-america","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/britain\/35998\/","title":{"rendered":"UK SMEs better at email security than North America"},"content":{"rendered":"<p>              <img decoding=\"async\" alt=\"Joseph Gabriel Lagonsin\" class=\"size-12 shrink-0 rounded-full border border-slate-100 object-cover\" src=\"https:\/\/www.europesays.com\/britain\/wp-content\/uploads\/2026\/05\/Techday_Bio_Photo.webp\"\/><\/p>\n<p>                JOSEPH GABRIEL LAGONSIN<\/p>\n<p>                News Editor<\/p>\n<p>KYND has found that 54.9% of small and medium-sized businesses in North America lack basic email security protections, compared with 31.7% of small and medium-sized enterprises in the UK.<\/p>\n<p>The cyber risk intelligence provider analysed 7,980 SMBs across the US and Canada and 830 UK SMEs. The results point to broad weaknesses in cyber hygiene among smaller businesses.<\/p>\n<p>Email authentication was one of the clearest gaps in the data. Missing or invalid SPF and DMARC controls left businesses more exposed to phishing, impersonation and fraud, affecting a much larger share of North American companies than their UK counterparts.<\/p>\n<p>The findings also highlighted a separate problem with ageing systems. Outdated software was present in 51% of North American SMBs and 55.1% of UK SMEs, suggesting patching and software maintenance remain inconsistent on both sides of the Atlantic.<\/p>\n<p>Internet-facing services added another layer of risk. The analysis found that 10.7% of North American SMBs and 8.0% of UK SMEs had exposed file-sharing services using Server Message Block, while 9.5% of North American SMBs and 5.8% of UK SMEs had exposed Remote Desktop Protocol systems.<\/p>\n<p>A smaller group had both forms of exposure at the same time. Some 4.3% of North American SMBs and 2.7% of UK SMEs were running both remote access and file-sharing services in ways that could create multiple entry points for attackers.<\/p>\n<p>Insurance gap<\/p>\n<p>These weaknesses are commonly linked to phishing, ransomware and business email compromise attacks, all of which continue to feature heavily in cyber insurance claims. Yet cyber insurance adoption among smaller businesses remains low, with penetration often estimated at below 10% in many parts of the market.<\/p>\n<p>That leaves insurers facing a familiar problem: a large pool of companies with visible cyber weaknesses but limited insurance cover. For brokers and underwriters, the figures also point to a commercial opportunity if they can identify risk more clearly and help clients reduce exposure before a claim occurs.<\/p>\n<p>Ben Duffy, Vice President and Head of North America at KYND, said: &#8220;Many of these risks are externally visible and relatively easy for attackers to identify. What this research shows is that cyber exposure among SMEs and SMBs is widespread, measurable and often preventable.<\/p>\n<p>&#8220;There is a clear opportunity for insurers and brokers to play a more proactive role by combining insurance cover with practical, data-led cyber risk insight. Better visibility of exposure can help improve underwriting, reduce friction across the insurance lifecycle and ultimately support stronger cyber resilience among smaller businesses.&#8221;<\/p>\n<p>Regional differences<\/p>\n<p>The contrast between North America and the UK was most striking in email security, where the gap exceeded 20 percentage points. In software maintenance, however, UK SMEs performed slightly worse than North American SMBs, underlining that weak cyber practices are not limited to one market.<\/p>\n<p>Those differences may matter for insurers trying to segment portfolios by geography and business type. External signs such as email authentication, open services and software age can be observed without direct access to internal systems, making them useful indicators in underwriting and renewal discussions.<\/p>\n<p>KYND argues that insurers could use external risk signals to improve underwriting accuracy and portfolio segmentation, help SMBs reduce exposure before incidents occur, simplify the sale and renewal of cyber insurance through better data, and move towards continuous monitoring of cyber risk across insured portfolios.<\/p>\n<p>The company, which focuses on cyber risk analytics for the insurance market, argues that smaller organisations remain an underserved segment despite being frequent targets for common attack methods. Many of the issues identified in the research involve standard controls and routine security maintenance rather than advanced technical failures.<\/p>\n<p>Duffy said: &#8220;Cyber risk is a core business risk for smaller organisations globally. By helping businesses better understand and manage that exposure, insurers have an opportunity to create value both for their clients and their own portfolios.&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"JOSEPH GABRIEL LAGONSIN News Editor KYND has found that 54.9% of small and medium-sized businesses in North America&hellip;\n","protected":false},"author":2,"featured_media":35999,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6752,16692,1859,16691,1193,11536,1870,1866,1877,16690,1884,1966,1964,16694,6741,1864,1858,16693,1872,1876,1963,1277,13699,5,6,1291,1923],"class_list":{"0":"post-35998","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-uk","8":"tag-attack-surface-management","9":"tag-brokers","10":"tag-business-continuity","11":"tag-business-email-compromise","12":"tag-canada","13":"tag-cyber-insurance","14":"tag-cyber-resilience","15":"tag-cyber-risk","16":"tag-cybersecurity","17":"tag-dmarc","18":"tag-email-security","19":"tag-infosec","20":"tag-it-governance","21":"tag-kynd","22":"tag-patching","23":"tag-phishing","24":"tag-ransomware","25":"tag-remote-access","26":"tag-risk-compliance","27":"tag-risk-management","28":"tag-security-posture","29":"tag-small-business-smb","30":"tag-spear-phishing","31":"tag-uk","32":"tag-united-kingdom","33":"tag-united-kingdom-uk","34":"tag-united-states-us"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@UnitedKingdom\/116572021280153154","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/posts\/35998","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/comments?post=35998"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/posts\/35998\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/media\/35999"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/media?parent=35998"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/categories?post=35998"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/britain\/wp-json\/wp\/v2\/tags?post=35998"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}