Imagine coming to work one day and finding that your whole company had been locked out of its computer systems, with a ransom note left behind. Or imagine hackers stealing your clients’ financial or medical information and posting it on public websites. These are just some of the real-life cybersecurity horror stories that small business owners have experienced.
Cyber insurance coverage can not only help you recover if you are the victim of an attack… it can also help you avoid becoming the victim of an attack in the first place.
Cyber Protection is More Important Than Ever
A new report shows nearly 75% of organizations have experienced a cyberattack of some kind in the past year. That includes things like phishing, social engineering, and ransomware. The larger the company, the more attacks it experienced, in terms of both number and variety.
The State of Cyber Resilience survey was conducted by Marsh LLC and Microsoft. They contacted more than 660 cyber risk decision-makers in early 2022. It found that companies consider ransomware the top cyber threat. However, phishing and social engineering attacks, privacy breaches, business interruption because of external supplier and partner disruptions, and denial of service attacks also ranked high.
The survey also found that 79% of organizations have a response plan in place. But 40% think their overall “cyber hygiene” needs to be improved. Just 20% have confidence in their organization’s cyber risk management capabilities. That includes understanding and assessing cyber threats, mitigating or preventing cyber attacks, and managing or responding to cyber attacks.
Most organizations in the survey planned to increase investments in cyber insurance coverage over the next year.
US Chamber of Commerce Cybersecurity Report
Meanwhile, the US Chamber of Commerce looked at cybersecurity concerns at middle market companies in a separate report. It found that 22% of middle market companies said they had experienced a data breach just in the past year. Another 72% think that unauthorized users will attempt to access their data or systems in 2022.
The good news is that the number of new cybersecurity breaches among middle market companies is gradually dropping as organizations put more protections in place and executives gain a better understanding of the consequences.
The 2022 Cybersecurity Special Report looks at what information and data privacy strategies companies use, how they manage threats like ransomware and social engineering, what experiences other business leaders have had, the benefits of moving to the cloud, and how cyber insurance is evolving.
Good Cyber Hygiene
According to the US Chamber of Commerce, businesses of all sizes should practice good cyber hygiene to protect themselves against threats. That includes simple steps like:
- using strong passwords,
- enabling two-factor authentication, and
- updating your software frequently.
The Chamber also warns that Russian cyber attackers may target US businesses of all sizes. That’s according to the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). They say small business owners are not exempt, especially those providing services or products to larger business partners. The FBI Cyber Division says even if you are a small business, you could be a target because of your role in the overall supply chain. In addition, small businesses also may have less cushion to respond.
If a cyber incident has impacted your business, the FBI and CISA want you to report it to CISA at email@example.com or through a regional office. CISA has also launched a one-stop source for information called Shields Up, which documents malicious activity and how to address those risks.
Cyber Insurance is Evolving and Improving
Cyber insurance coverage has been evolving along with risk since the widespread adoption of the internet in the late 1990s. The Marsh and Microsoft survey found that 41% of companies said that requirements by insurers played a part in developing their cybersecurity best practices and controls.
Some insurers are requiring more from companies to meet cyber insurance requirements. That’s according to a recent survey by the Council of Insurance Agents and Brokers (CIAB).
Many insurers are now requiring things like:
- Multifactor authentication,
- Stronger passwords,
- Third-party vendor management,
- An incidence response plan,
- Training employees on phishing,
- Penetration testing,
- Systems backups, and
- Endpoint detection.
However, insurance carriers are stepping up to provide companies with the resources to meet these requirements. These include tools, assessments, and consultations.
How Cyber Insurance Can Help
Even if you’ve taken best practice precautions, your company or organization could still be the victim of an attack. What now? Cyber insurance can help offset costs from things like data breaches and ransomware. Cyber insurance can also help with:
- Repairing damaged computer systems,
- Recovering and recreating compromised data,
- Notifying customers about a data breach,
- Helping victims of identity fraud restore their credit history.
Some business owners and decision makers wrongly believe that General Liability Insurance covers cyber liability. In most cases, it does not. General liability policies, which focus on property damage and bodily injury, often exclude cyber insurance.
Many insurers also offer tips to help manage your cyber risks, including how to protect yourself from data breaches, malware, viruses, and more.
There are often two main types of Cyber Insurance policies: Cyber Liability Insurance and Data Breach Coverage.
Cyber Liability Insurance
Cyber liability insurance, also known as Cyber Protection Insurance, helps cover financial losses due to cyberattacks or other tech risks. It can also cover potential lawsuits following an attack and regulatory fines.
Data Breach Insurance
Data Breach Insurance, also known as Data Compromise Insurance or Data Compromise Protection, can help you offer things like credit monitoring services to victims of identity theft. It can also cover services a public relations firm provides and services to alert affected customers.
How to get Cyber Insurance
With the rise in cyber-crime, it’s important to be protected with a cyber insurance policy. It can be essential in recovering from cyberattacks.
Farris Insurance Agency can help you find the best cyber insurance policy that’s right for your business.
We serve businesses and people across Northwest Arkansas, including Springdale, Fayetteville, Bentonville, Rogers, Benton County, and Washington County. Contact Farris Insurance at (479) 756-6330 and get a quote today.