IS YOUR SMALL BUSINESS DATA SECURE? DON’T WAIT TO FIND OUT.
On the back of several high-profile data breaches in recent years, Cybersecurity is increasingly top of mind for executives as well as customers. Hackers are targeting organizations of all sizes with increasing sophistication and persistence. As the risk grows, what is being done?
Experts Say: Not Enough.
Criminal networks are devoting an increasing proportion of their time and attention to Cybercrime because it’s easier and more lucrative than more traditional types of crime, and harder to get caught. Worryingly, businesses seem to be inclined to take a reactive rather than proactive approach.
While 99.8% of Canadian companies fall into the category of small or medium-sized businesses (SMBs), and 43% of Cyberattacks specifically target them, 90% do not have cyber insurance. Costs per incident run from the tens of thousands of dollars in smaller companies, to millions for larger, better-known organizations. Recent research into the topic of Cybersecurity has highlighted the need for improved focus on personnel training and specialized IT staff.
Small businesses spend comparatively less on Cybersecurity, and the impact of Cybercrime on them tends to be more severe when it does happen: many small businesses which have been hacked go out of business shortly after (estimated at 60%) because they are simply unable to deal with the financial and reputational cost.
Typically, an organization’s Cybersecurity budget is a proportion of their IT budget (often around 10%). Most organizations spend more on Cybersecurity after an attack, but mostly on technology such as firewalls and anti-malware software rather than personnel training and governance. Larger organizations seem to take the problem more seriously, but they also tend to be more frequent targets of attacks due to the bigger payoff.
While important, technological safeguards do not address the entire spectrum of cyber risk. Phishing attacks are becoming increasingly sophisticated, and tend to target front-line employees who may be unprepared if they have not received appropriate Cybersecurity training. Employee access to data is itself a risk that organizations need to actively manage: for example, a USB flash drive left in the open with sensitive data on it can present a golden opportunity to the unscrupulous.
Failure to safeguard against Cyberattacks can injure more than just a company’s financial position; the very survival of an organization can be threatened. A successful Cybersecurity strategy will involve adequate spending on training, governance and internal processes to reduce risk as well as technology, and a comprehensive insurance plan to address risks which cannot be adequately reduced or managed.
What Can Be Done?
Front Row Insurance offers a solution called Hackinsure which is designed to provide additional protection for your business against emerging threats in the area of Cybersecurity.
- Third-party cyber liability, which put simply covers you against lawsuits from third parties due to a Cyberattack on your business,
- First-party cyber liability, which covers the cost of actions taken to “make right” a Cyberattack for your customers—things such as notifying clients, purchasing credit monitoring services for affected parties, and PR efforts related to the attack.
- Data Breach coverage, which protects against destruction or loss of digital data resulting from a criminal or fraudulent cyber event.
- Extortion & Ransomware, which covers costs associated with investigating threats of Cyberattack, and payments to those who threaten to obtain and disclose sensitive information.
- Business Interruption: Provides coverage for lost income which is due to a Cyberattack or data loss event.
In this technological age, no business is immune to Cybersecurity risks, and the costs of a breach can be crippling. Hackinsure policies from Front Row begin at $300. Contact us today.