Cyber attacks on SMEs are rising sharply, yet many brokers find it difficult to convince clients that cyber insurance is a must-have. We sat down with Andrew Martin, our CEO, to talk about the top objections brokers hear from SME clients and how to handle them with confidence.
Objection 1: “We’re too small to be a target.”
Andrew’s response:
This is one of the most common misconceptions. SMEs may think hackers only care about large corporations, but the reality is they often have the same valuable data and digital systems just with weaker defences.
The challenge for brokers is that SMEs underestimate their risk. Without tailored insight, brokers can fall into a one-size-fits-all approach. Cyber risk changes rapidly; what was true a year ago, or even a month ago could already be outdated. Brokers need to show clients that even a single exposed login page or vulnerable system can make them a target.
Tip for brokers: Share up-to-date threat intelligence and examples of similar SMEs being targeted to break down this objection.
Objection 2: “We already have Cyber Essentials or ISO 27001 in place, so we don’t need cyber insurance.”
Andrew’s response:
On paper, an SME may appear secure; they might tick the right boxes on a questionnaire to get certified. Scans and threat intelligence, however, reveal stolen staff credentials and exploitable vulnerabilities for critical systems, completely unknown to the business.
Most cyber risks aren’t visible without the right tools. Insurance isn’t about replacing cybersecurity, it’s about protecting against the exposures that slip through the cracks.
Tip for brokers: Use cyber risk scans to highlight hidden vulnerabilities and make the risk tangible. Scans from MGAs are generally good, but they are not independent and benefit the MGA and its carrier, rather than your client.
Objection 3: “Cyber risk is the same for all businesses like ours.”
Andrew’s response:
Another mistake is assuming that all SMEs can be grouped solely by size, turnover, or sector. The truth is, risk profiles vary widely. Two businesses in the same industry may face very different risks depending on their digital footprint and operations.
Tip for brokers: Position yourself as a trusted adviser by explaining why their risk is unique, and why “cookie-cutter” policies may leave them exposed.
Objection 4: “We have a cyber incident response plan, so we’re covered.”
Andrew’s response:
Plenty of SMEs will say they have a plan, but often, it’s just a document that no one has ever put into action. When a real attack hits, the first 24 - 48 hours are critical. If staff don’t know how to execute the plan, chaos can follow.
Tip for brokers: Ask probing questions about how often the plan is tested, who’s responsible, and how quickly they could actually act. This helps show clients where cyber insurance and incident response services can add real value.
Objection 5: “Cyber insurance is too complex / not worth it.”
Andrew’s response:
Complexity is a big barrier. SMEs may feel overwhelmed by jargon or unclear about what they’re really getting. Brokers need to simplify the conversation, shifting it from “insurance product” to “business resilience.”
Tip for brokers: Break down coverages into real-world scenarios - what happens if their systems go down, if they’re locked out by ransomware, or if customer data is stolen. Relating policies back to business impact makes the value clear.
Brokers don’t need to be cybersecurity experts, but they do need the right education, intelligence, and tools to handle these objections. When you can show clients the realities of their risk, the conversation shifts from ‘do we need this?’ to ‘how quickly can we get covered?
Are you a broker looking to boost your cyber sales?
Breach Check, by DynaRisk, scans clients’ digital assets to give a true picture of their cyber risk. It helps you overcome objections, build trust, and protect both your portfolio and your customers.
Want to find out more about Breach Check? Why not book a demo with our team and join brokers across the world who are using Breach Check to drive new business, identify new markets and boost customer engagement?