Sarah Adams, cyber risk specialist at business insurance broker PolicyBee, discusses how the world of online opportunities extends to that of cyber criminals, and what to do to stop it in its tracks.
Protecting your business against a cyber-attack is, of course, completely sensible. Problem is, increasingly sophisticated hackers are finding new ways to get through even the most robust security measures.
Any business that uses the internet – and that’s pretty much every business – can fall victim to a cyber-attack. Yes, even those that have taken steps to increase their internet security and protect their systems against spyware, malware, ransomware are susceptible.
The truth is that cyber criminals don’t care what a business actually does. While large businesses can start pound-signs flashing in the eyes of salivating hackers, small businesses are (easy) targets too.
Cyber criminals don’t discriminate, and they don’t give up. Even with the best will in the world and the most stringent of IT security procedures in place, a savvy thief will always find a way through.
The consequences of this tenacity can be far-reaching; both for the businesses that fall victim, and for their clients. Money, time, reputation and future income are all at stake, with costs for managing reputational damage, legal or regulatory costs often proving to be the straw that breaks the camel’s back.
According to the Cabinet Office, ‘fixing’ just one security breach can cost upwards of £15,000 for small businesses and up to £250,000 for larger businesses, and that’s only one piece of the jigsaw that will need to be put back together.
Costs of identifying and fixing the problem, replacing damaged software and hardware, hiring specialist IT security consultants, hiring a PR firm to manage a damaged reputation, and hiring a solicitor to deal with clients who’ve had their own business compromised as a result of cybercrime, can spiral into the many thousands.
Cyber insurance is specifically designed to protect businesses from all of the above and more. It can cover the cost of repairing systems or websites, cover the costs of using temporary equipment to help with business continuity, compensate those irate clients, as well as cover the often-overlooked reputation management costs.
Getting back to business as quickly as possible should be number one on the agenda of a cybercrime victim, yet it’s worrying that so many businesses still see this type of protection as a ‘nice to have’, and not a ‘need to have’.
Today’s world is uber-connected, and it’s not just the humble office server proving to be a liability in 2017. Mobile technology enables staff to work from pretty much anywhere in the world, social media enables them to speak to pretty much anyone in the world, and even home appliances have been given the digital treatment – enabling them to access Wi-Fi and mobile networks at the click of a button.
All of these devices equal more opportunities for professional cyber criminals and unscrupulous hackers to get stuck in. How many businesses are confident enough to say they have all these angles covered?
It’s worth noting though, that not all cyber insurance policies are created equal. Businesses should take care check that their cover includes extra things like forensic investigations, legal advice, notifying customers or regulators, and offering support to any affected customers too, on top of compensation for loss of income.
With proper risk management and a little foresight, businesses can protect their businesses from cybercrime fallout for less than the cost of treating their staff to lunch once a month. Not investing in cyber insurance therefore is not only incomprehensible, but plain bad business.
For more info visit www.policybee.co.uk/cyber-insurance