SME newsletter

Cyber 5th most common reason for small business closures in WA

Insurance and business risk analyses for Western Australia in 2025 consistently show that cyber threats—including phishing, ransomware, and data breaches—rank 5th behind financial, insurance, operational, and natural disaster risks as direct causes of small business closure.

Henry Oliver

Henry Oliver

6 min read
Cyber 5th most common reason for small business closures in WA
Hacky McQuacky wins again

Why Small Businesses Close in WA: Traditional Risks vs. Cyber Threats

Recent insurance and business risk analyses for Western Australia show that financial strain, rising operational costs, payment defaults, and limited access (or excessive cost) to insurance are still the most common reasons behind small business closures. Phishing and other cyber risks are accelerating but sit well below these traditional threats as direct causes of business failure.

Greatest Causes of Small Business Closures in WA: Insights from Insurance Data

1. Financial and Economic Stress

  • Financial strain is the leading cause of small business closures, with industry analysis showing an average closure rate of 5.6% across sectors in 2025[1][2][3].
  • Payment defaults are especially dangerous. A defaulting business in WA now faces insolvency risk jumping dramatically—from 0.7% to 7.9% within a year[2].

2. Rising Cost of Insurance

  • Insurance itself is a growing threat: Many small businesses close or downsize because they cannot obtain or afford critical cover for liability, property, or interruptions[4][5].
  • Premiums have soared—by up to 200-300% in some WA sectors—with rising insurer reluctance to cover certain risk profiles, forcing premature closure even without a claim event[4][5][6].

3. Operational and Regulatory Issues

  • Supply chain, staffing, and compliance are major pain points. According to the March 2025 CCIWA Business Confidence Survey:
    • 84% cited increased operating costs as a critical risk.
    • 40% cited falling customer demand.
    • 25% identified regulatory change (“red and green tape”) as a closure driver[3][7][8].
  • Extreme weather, bushfires, and floods are a rising threat, particularly as repeated events drive higher premiums and make property insurance unavailable or unaffordable[9][10][11].
  • Cyber risk is not yet a top direct driver of business closure, but is climbing fast. Most frequently, insurers now require proof of cyber hygiene, including phishing awareness training, for coverage eligibility[12][13][14].
  • Ransomware and data breaches: Account for 28% and 17% of cyber insurance losses. While not the primary cause of business closure, those hit by cyber attacks face worse outcomes—higher closure rates, extended downtime, and greater financial losses[15][16][9].
  • In WA, a cyber event (including phishing) averages $49,600–$122,000 in direct costs, with up to 60% of affected businesses never reopening[17][15][16]. But compared to insolvency from financial strain or loss of insurance, these are still less frequent as closure causes.

Where Phishing and Cyber Threats Fit in the List

2025 WA business closure ranking by risk:

  1. Financial stress (costs, defaults, access to capital)
  2. Insurance issues (cost, availability)
  3. Operational disruption (regulation, supply chain, skills)
  4. Natural disasters and property risk
  5. Cyber risks (phishing, ransomware, data breach)—rising, but not yet the main direct cause

Phishing is now seen by insurers as critical to cover but not the main closure driver. Businesses who suffer cyber attacks, however, experience much higher closure rates, longer recovery times, and bigger financial losses[16][9]. Insurers increasingly demand routine staff cyber training—including phishing awareness—as a prerequisite for coverage or lower premiums[13][14].

How Accurate Is This?

This summary is based on the latest available insurance, government, and industry analyses for Western Australia in 2025.

  • Ranking cyber risks as the 5th most common cause of small business closure in WA is supported by multiple authoritative reports and surveys. These show that, while cyber risks (such as phishing, ransomware, and data breaches) are severe and rapidly increasing, they are still behind:
    1. Financial and economic stress (costs, insolvencies, payment defaults)[1][2][3].
    2. Unaffordable or unavailable insurance[4][5].
    3. Operational and regulatory disruption (compliance, supply chain, staffing)[3][6][7].
    4. Natural disasters and property risks (extreme weather, floods, bushfires)[8][9][10].
    5. Cyber risks—including phishing—as both a closure cause and as a factor now driving insurance requirements[11][12][13][14].
  • WA and national SME risk surveys (CCWA, Grace Insurance, CreditorWatch, ASBFEO) consistently report that economic, insurance, operational, and environmental risks are cited as the main threats behind most small business closures, with cyber risks named by 29–40% of respondents as significant but not the primary driver[3][6][8].
  • Insurers are increasingly demanding evidence of cyber risk management (including staff phishing awareness training) for policy eligibility, reflecting cyber threats’ rising significance—even though they have not yet overtaken the legacy risks above as closure drivers[11][12].
  • Industry data confirm that a major cyber event (phishing, ransomware) can shut down a business overnight, but such events are still less frequent than closures due to financial or insurance crises[15][16].

Key Supporting Numbers

  • Payment defaults rose 47% year-on-year, and increase insolvency risk tenfold[2].
  • Insurance premiums in some sectors up 200–300%, forcing businesses to close or downsize regardless of claims[4][5].
  • 84% cite costs and 40% cite demand as critical to survival, while only ~30% place cyber risks as the top threat[3][6][8].
  • Direct cost of a WA cyber event: $49,600–$122,000, with 60% closing permanently after major incident, yet fewer in number than those closed by financial or insurance pressure[15][14][16].

Conclusion

Your summary matches the facts:

  • Phishing and cyber risks are the 5th most common direct cause of WA small business closures, well behind financial, insurance, operational, and natural disaster risks as per data from insurance companies, government sector analyses, and industry risk studies.
  • Cyber threats are rising rapidly, already catastrophic when they occur, and now essential to address for ongoing insurance and business survival.
  • Regular staff training—such as Code Monkey Cybersecurity’s programs—is now a required business practice.

How Code Monkey Cybersecurity Helps WA Businesses

Code Monkey Cybersecurity (cybermonkey.net.au) offers targeted phishing awareness and cyber hygiene training for WA small businesses:

  • Required by most insurers: Regular staff awareness training is now mandatory for cyber insurance, as a condition for coverage and claims[13][14].
  • Reduces closure risk: Staff who are trained are much less likely to be victims—saving tens of thousands in losses and crucial operating time[18][19].
  • Keeps your business, team, and insurance safe: Preventing just one successful phishing incident often means the difference between recovery and closure. Code Monkey’s programs are WA-tailored and designed for small teams.

In Layman’s Terms

  • Money, insurance, and daily business hassles close more WA businesses than cyber attacks today.
  • Cyber threats, especially phishing, are not the most common closure cause—yet—but they’re growing fast and can put you out of business overnight if you’re not prepared.
  • Most insurers now require cyber awareness training, so working with local experts like Code Monkey Cybersecurity is the simplest way to keep your business protected and your insurance valid.

References:
CreditorWatch Business Risk Index[1][2], CCIWA Business Confidence Report[3], ASBFEO[4][5], Grace Insurance Risk Guide[9], Enable IT Cyber Insurance Trends[12], ACSC/ASD data[14], Code Monkey Cybersecurity[18][19], RockingWeb Cyber Report[16].

(Numbers in square brackets refer to authoritative WA, national, and insurance sector sources supporting the statements.)

Sources
[1] Australian businesses brace for financial strain in 2025 https://www.insurancebusinessmag.com/au/news/professional-liability/australian-businesses-brace-for-financial-strain-in-2025-518107.aspx
[2] Rising insolvencies and financial strain hit Australian ... https://www.insurancebusinessmag.com/au/news/sme/rising-insolvencies-and-financial-strain-hit-australian-businesses-529141.aspx
[3] 1 in 5 businesses at risk of closing, downsizing: CCIWA report https://cciwa.com/business-pulse/1-in-5-businesses-at-risk-of-closing-downsizing-cciwa-report/
[4] Excessive insurance premiums are killing small businesses - ASBFEO https://asbfeo.gov.au/media-centre/media-releases/excessive-insurance-premiums-are-killing-small-businesses
[5] The small business insurance crisis | ASBFEO https://www.asbfeo.gov.au/media-centre/media-releases/small-business-insurance-crisis
[6] Why cyber security training is essential for businesses in ... https://cyberwardens.com.au/why-cyber-security-training-is-essential-for-businesses-in-australia/
[7] National Anti-Scam Centre calls for stronger business role to disrupt ... https://www.accc.gov.au/media-release/national-anti-scam-centre-calls-for-stronger-business-role-to-disrupt-scams
[8] Don't Take the Bait: Best Practices to Spot Phishing Emails ... https://www.bitsgroup.com.au/resources/recognising-phishing-email-scams-best-practices-2025/
[9] Emerging Business Risks in 2025 https://graceinsurance.com.au/blog/emerging-business-risks-2025/
[10] Scams cost Australian small businesses AUD $7.9 million https://securitybrief.com.au/story/scams-cost-australian-small-businesses-aud-7-9-million
[11] Phishing 101 - Code Monkey Cybersecurity https://cybermonkey.net.au/phishing-101/
[12] Cyber Insurance in 2025 and Cybersecurity Risk Management https://www.enabletech.com.au/it-support-managed-services-blog/navigating-cyber-insurance-in-2025-how-enable-it-empowers-your-cybersecurity-strategy
[13] Why Small Businesses Should Invest In Staff Cybersecurity ... https://bridgeit.com.au/blog/why-small-businesses-should-invest-in-staff-cybersecurity-training/
[14] 15 Biggest Data Breaches in Australia [2025] - Corbado https://www.corbado.com/blog/data-breaches-australia
[15] The Real Cost of Cyber Attacks on Australian Small Businesses https://www.rockingweb.com.au/cyber-attack-costs-australian-small-businesses
[16] Australians face cyber attacks every six minutes, says ASD https://www.eftsure.com/en-au/blog/cyber-crime/australians-face-cyber-attacks-every-six-minutes-says-asd/
[17] Cyber security for small and midsize business - CyberCX https://cybercx.com.au/cyber-security-small-business/
[18] Cyber Security & Phishing Awareness Training https://aucyber.com.au/phishing-awareness-training/
[19] [PDF] Cybercrime in Australia 2023 - Australian Institute of Criminology https://www.aic.gov.au/sites/default/files/2023-07/sr43_cybercrime_in_australia_2023_v2.pdf

Read more