Cyber insurance provides protection against a range of digital threats. Businesses of all sizes are vulnerable to data breaches or malicious cyberattacks. Specialist cyber insurance will give your business invaluable support to help you recover from a cyberattack, while also providing cover from various expenses that can arise from a data breach.
In this essential introduction to cyber insurance, we’ll explain why no business should be without dedicated cover for cyberattacks and data breaches.
Want to discuss your cyber security risks? We have a team of experts on hand to help. Call us on 0208 290 9080 or email us at cyber@anthonyjones.com.
How Big of a Problem are Cyberattacks?
According to the latest cybersecurity figures from Aviva:
- 1 in 5 businesses have suffered a cyber-attack in the past year.
- You are 67% more likely to suffer a cyber-attack than a physical theft loss.
- The average claim for a cyber loss is £21,000.
If a cyberattack is more common than fire or theft, why do so few businesses not get adequate cyber insurance? Why do businesses readily buy cover for some risks, but not other, much more likely risks?
Read our full guide to the scale of the cybercrime problem.
What Are The Most Common Forms of Cyberattacks?
- Ransomware: A form of malicious software, or malware, that cybercriminals use to encrypt system data, making it inaccessible to its users. Cybercriminals then demand a ransom payment in exchange for a decryption key. Typically, businesses hit by a ransomware attack experience around three weeks of downtime.
- Phishing: A form of attack in which cybercriminals send an email that appears to come from a trusted source, such as a colleague, a manager, or a bank. Yet the email is fake, and designed to trick someone into providing sensitive information, such as login details. Phishing attacks can therefore expose businesses to other, more serious forms of cybercrime.
Read our full guide to various different types of cyberattacks.
Do Small Businesses Need Cyber Insurance?
Unfortunately, cybercriminals will not ignore your business because of its size. In fact, the evidence suggests that cybercriminals are actually more likely to target smaller businesses over larger businesses.
This is because cybercriminals know that small businesses are less likely to have adequate protections in place. Plus, as very few small businesses can afford to give their staff cybersecurity training, employers are less likely to spot potential risks. It’s due to this lack of awareness that so many businesses fall victim to phishing attacks.
Not only are small businesses more vulnerable to data breaches, but they also lack the means to adequately respond. So, if a cybercriminal targets a smaller business, they know that they’re more likely to get the results they want.
What Should You Expect When You Purchase Cyber Insurance?
A good cyber insurance policy will offer more than a cash settlement. It will also offer the support your business, your employees, and your customers need to recover.
When choosing cyber insurance, look for the following:
Breach Response
- When you report an incident to your insurer, they will deploy cybersecurity experts to get a grasp of the situation, and manage your response.
- Your insurer can also provide PR specialists and branding experts to help reduce your reputational damage.
First Party Business Loss
- Restore, recover or repair systems, data, software and websites. Damage to Computer systems.
- Cyber Extortion – expenses incurred to respond to a threat.
- Loss of Revenue and additional costs of working, including loss of future customers due to reputational damage.
- Business interruption protection for contracted providers of IT, data hosting, or processing services.
- Loss of income and expenses of a system failure.
Third Party Liabilities
- Data Privacy – breach of personal data, data legislation, loss or disclosure of third-party information.
- Regulatory fines and penalties under law.
- Network Security – failure to protect unauthorised access or negligent transmission of a virus.
- Payment card industry – fines, penalties and assessments from the breach.
Social Engineering
- Unauthorised use of computer equipment, social engineering fraud, funds transfer fraud, telecommunications fraud, corporate identity fraud, loss of money or securities
- This is often an optional extra in cyber insurance policies. But in our opinion, it’s critical.
Read our full guide to what you should look for in a cyber insurance policy.
What Cybersecurity Should You Have in Place?
Cyber insurance is the cure for cybercrime. But prevention is much more important.
Your business needs a dedicated cybersecurity policy covering the protection of devices, services and networks, and the information on them, from unauthorised access, theft, or damage.
You should have good practices in place for:
- Data Storage.
- Data Backup.
- Firewalls to prevent unauthorised access.
- Software Updates.
- Payment Authorities and checks.
- Antivirus Software.
- Training around phishing, and other forms of social engineering fraud.
Read our essential introduction to cybersecurity and IT security.
We Can Help You Protect Your Business Against Cybercrime
If you’re aware of the danger of cyberattacks, then you have a responsibility to cover your business against risks. Specialist cyber insurance is increasingly becoming a business essential.
As we’ve explained above, in the event of a data breach, cyber insurance will cover your business’s liability as well as your ability to manage the impact on both your systems and finances.
If you have any questions about business insurance, or if you want to ensure your business has adequate cyber insurance in place, we have a team of experts ready to help. Call us on 0208 290 9080 or email us at cyber@anthonyjones.com.
