Cyber insurance and your small business
SME's have been the slowest to protect against cyber crime, making them more vulnerable to the threat.
It might be easy to dismiss cyber crime as completely irrelevant to your business on account of its small nature — who would actually take the time to exact a cyber crime against your small business when they could be hitting the big leagues, right?
The reality is that cyber crime is believed to cost Australian businesses — of all sizes — around $4.5 billion a year, but despite that, so few businesses are insured against it.
In fact, small businesses have been the slowest to protect against cybercrime, making them more vulnerable to the threat.
When you consider that almost all businesses have an internet presence or make use of the internet in their everyday business dealings, it becomes pretty clear that cybercrime presents a risk to even the smallest businesses.
Pretty much every business — be it big or small — will be reliant on data to some extent. Such data can include employee profiles, private corporate information, any identifying numbers (like Medicare and driver’s license numbers), and information of a personal nature about customers, budget details, and credit card information. The consequences of such data being breached and made public can be wide-ranging.
So, let’s have a look at cybercrime and insurance a little further so that you can make a more informed decision about whether or not it’s worth looking into for your business.
What is a cybercrime?
In basic terms, cybercrime is a blanket term for any type of activity of a criminal nature that is carried out using a computer and/or the internet.
Cybercrime includes all of the following:
- Identity theft
- Use of malware
- Use of viruses
- Computer and network hacking
- Online scams
- Phishing scams
- Information theft
When you consider that almost all businesses have an internet presence or make use of the internet in their everyday business dealings, it becomes pretty clear that cybercrime presents a risk to even the smallest businesses. Criminals don’t necessarily need to hack your systems to commit cybercrime; if they manage to get their hands on a laptop, iPad or mobile phone belonging to your business (either because it has been stolen or left unattended), they have easy access to your information and are able to more easily commit their crimes.
How will cybercrime affect my business?
The ways in which cybercrime can affect your business are actually a lot more expansive than one may have initially thought and are usually not contained to a defined period of time; rather, the effects tend to be ongoing and costly.
Beyond the general business interruption, a breach of data that results in personal information of customers or employees being made public can result in significant fines, legal fees, and costs associated with investigating the breach and notifying customers of the potential effects it may have on them.
Consider also the loss of business. Your existing customers are unlikely to continue being your customers if their personal information becomes public — and even if a cybercrime committed against your business doesn’t directly affect them, the fact any crime was able to be committed at all will leave them feeling uneasy.
A cybercrime against your business could also affect your reputation and drive away potential customers who may think twice about dealing with you given your company’s cybersecurity shortcomings.
Can’t software keep my business safe from a cyber attack?
Yes, there are certain things you can do to help minimise the risk of a cyber attack and these things include all of the following:
- Reputable anti-virus programs
- Secure data backup
- Firewall technology
- Data encryption
- Laptop and mobile security
- Adequate social media policies
If all of this sounds like gibberish to you, don’t feel bad. The reality is that most businesses aren’t aware of the extent to which they need to have such things in place to protect themselves and their information, which often leaves them incredibly vulnerable to cybercriminals.
And, unfortunately, even if you do have all the right systems and software in place, your business is still at risk — particularly if your business involves the collection of customer information, including personal, credit card and bank details.
What does cyber insurance cover?
Although policies will vary between insurers, a typical cyber insurance policy is designed to help you with both preventing breaches in the first place and dealing with them if and when they occur. Cyber insurance policies usually include the following:
- The cost of restoring or recreating electronic data following a breach or leak
- Forensic services to investigate a breach
- PR coaching in the event a breach harms your business’s reputation
- Assistance guarding against data breaches, hacking and employee error
- Guidance on how to respond to a breach
- Funds to cover the adverse financial effects related to a breach
- Funds to cover any fines that might be payable following a breach
Small businesses have been the slowest to protect against cybercrime, making them more vulnerable to the threat.
How can I determine whether or not I need cyber insurance for my business?
The best way to determine if cyber insurance — and the threat of cybercrime — is of relevance to your business is to talk to a trusted business adviser, who knows the ins and outs of your business operation, and/or an insurance broker at Cartwrights who is unaffiliated with any particular insurance company.
As always, don’t be afraid to ask as many questions as you need to have a solid understanding of your insurance needs, the threats such insurance is designed to guard against and the details of any policy you are considering purchasing.
Article Brought to you through Well Covered and Cartwrights