Odds are high that your business will be affected by a cyberattack. We’ve all heard of the recent casualties of the Cyber War: an Equifax data breach revealed the personal information of 145 million customers. The Yahoo breach left 3 billion accounts vulnerable. Uber customers totaling 57 million found a ride – and had their personal data stolen.
But my business is smaller than these, you say. Is my risk really that high?
The answer is a resounding yes. According to USA Today, nearly two out of three cyberattacks are now directed at small businesses. Their vulnerability exists dueto a perception they are not the target, and the absence of insurance protection after the event. It’s a problem of preparation AND protection. Without the proper security in place, a breach may occur – and without insurance coverage to handle the aftermath, the result can be financially devastating.
Cyber insurance is likely necessary regardless of your company’s size. For proof, examine the following scenarios. Both are real-life cautionary stories from Bay Area small businesses.
Looking back, it’s obvious that the accounting software was easy to breach. A hacker found a way in and methodically added fake employees one by one, shuttling money to an outside account and leading to more than $200,000 in losses.
Another cyber criminal did his homework in a major way, learning about the company’s employees and customers in detail. He then requested a wire transfer from a client to a fake email address that read suspiciously close to a salesperson’s. -The result? Thousands of dollars lost.
Regardless of how a breach occurs, the end result is the same: potential economic devastation. Businesses may store private customer information protected by law, and a cyberattack can create havoc for a business owner from a first and third-party standpoint. The business owner could lose access to valuable data necessary to run their business, resulting in a temporary shutdown and perhaps even a ransom to restore it.
If customer data is breached, the business could face lawsuits from third parties for not adequately protecting information, as well as government fines and penalties for certain types of legally protected data. After probable costs of legal fees, data forensics, public relations consultants, notification and data monitoring services are totaled, the loss is staggering. According to the Ponemon Institute, the average cost is $154 to $158 per breached record.
Adequately protect your business with a two-pronged approach. By implementing loss control measures to avoid or reduce your exposure to cyber risk and purchasing a cyber insurance policy specifically designed to cover this type of loss, you can avoid becoming a statistic.
According to a 2016 survey conducted by Risk.net, risk management executives named cyberattacks as the top emerging risk to their business – and there’s no one-size-fits-all answer for coverage. Invite an experienced insurance advisor to examine your risk and recommend the correct course of action.
Gauge your company’s current vulnerability. Download the free Cyber Risk Exposure Scorecard and contact us to learn more about Cyber Risk Management services that protect your business.