The short answer is, “YES!”
Unfortunately, many businesses have no idea how vulnerable their company is to cyber attacks. Hackers make it their full-time job to figure out how they can infiltrate businesses and wreak havoc, such as:
- • Gaining access to sensitive customer information (such as Social Security numbers; credit card numbers; account numbers; driver’s license numbers; health records), and then rendering the data inaccessible to the business until they pay some kind of ransom or selling that data to interested parties on the web.
- • Employees who unwittingly open email from hackers (because it looks like a perfectly valid email), and exposing your network to spam, malware, and potentially stealing valuable company information. This is often referred to as “phishing.”
- • Hackers gaining access to banking accounts and stealing money via wire transfer.
If these scenarios sound scary to you, it’s because they are! Were you aware that more than 14 million businesses across the United States are at risk of a cyber attack? It’s even estimated that cybercrime will cost approximately $6 trillion per year on average through 2021. That’s a hard figure for a business owner to get their head around.
Harrison Hawke, CIC, CRM, Commercial Lines Account Executive at Thompson Insurance, is on a mission to educate businesses on cybercrime and the very real vulnerabilities that many businesses face today.
“Most CIOs and other information technology employees are working around 40-60 hours a week,” Hawke states. “However, criminals are literally working 24/7 trying to hack into your systems. So, there’s definitely always a war being fought between the IT department and criminals.”
But sadly, only around 2% of small business owners believe they are at risk of being hacked. The other 98% believe they are safe from cyber-attacks. This is a dangerous statistic, given the very real data and financial losses that are stemming from this ever-burgeoning hacker trend.
However, in contrast to business owners’ beliefs, 55% of small to mid-sized businesses (employers with 500 or fewer employees) have actually experienced a data breach, and 53% have had multiple breaches. So there is definitely a disconnect between perception and reality for many business owners.
And who could blame them, really? They’re business owners, so they’re spending time selling and maintaining relationships with their best clients, overseeing production of products they’ve invented, and leading meetings and prospecting new business. So sometimes, cybersecurity can be the last thing on the brain of a business owner, regardless of how dangerous that is.
So below is some helpful advice your IT department should implement that can lower your risk of cyber attacks and make you less vulnerable to devastating losses of data and money:
#1 – Backup all company data securely every single day.
I cannot stress this enough. Backups should be off-site and secure. If your company data is backed up daily, and your network gets struck by ransomware, you can then easily roll back to the previous day’s activities, thereby eliminating the hack and the need to pay a ransom.
#2 – Make sure your IT team has installed a firewall
Firewalls are designed to block unauthorized access while permitting outward communication. They are a necessary and critical part of your cyber security plan. Firewalls help protect you against any unauthorized remote access.
#3 – Train your staff regularly and frequently for signs and risks of cyber attacks.
Tell them not to open any email that looks even slightly suspicious to your IT team. Warn them against some of the latest cyber threats. Remind them to act cautiously when dealing with sensitive customer information, making sure that they NEVER include this data in emails. This training will go a long way toward making sure that everyone in the company is “keeping an eye out” for potential cyber hacks.
#4 – Get your website coding tested for weakness
The method in which your website is coded and where it is hosted is definitely a potential vulnerability for businesses. So hire someone to fully test your site for security errors, improper or outdated code, and purchase a security certificate for your website – this helps protect your site from malicious content on the web – AND it’s not very expensive.
#5 – Make sure your business insurance covers cyber crimes
Did you know that most general liability business insurance does NOT cover cyber attacks or at most have very limited coverage provided? Neither do many business owners.
“Point blank – if you own a business, you need to consider a cyber insurance policy,” says Hawke. “It doesn’t matter if your business is in the financial industry or not, a cyber attack can happen to any business at any time, and it is vital that you remain protected. If you use the internet for any facet of your business, the fact is, you have an exposure.”
Continues Hawke, “If you are going to take time and effort to implement cloud computing into your IT department, then you need to make sure you are well-suited to invest in a cyber insurance policy to go with it. Especially now that Bitcoin is so popular, the risk for a cyber attack is greater, because this type of currency is virtually untraceable. It is best to be cautionary and do all you can to protect your business, which is where a cyber insurance policy comes into play.”
So what exactly is Cyber Insurance? It is insurance specifically designed to cover cyber attacks (which are often NOT covered by general business liability insurance.) Cyber Insurance is made up of two basic coverages. First Party Coverages protect the data you have on your own business and employees. Third party Coverages protects your business when you are held liable for a data breach that exposes your customer’s or even vendor’s data. Data can include sensitive customer information, such as Social Security numbers, credit card numbers, account numbers, driver’s license numbers and health records.
At Thompson Insurance, we can actually help create a stand-alone cyber insurance policy to go along with the other various insurance policies in place for your business. Since there is currently no standardization within Cyber Insurance Policies the coverages, important definitions and terms and conditions of the policies can vary widely, emphasizing the importance of your agent’s coverage knowledge and ability to access carriers that will help you tailor a policy to meet your needs.
“We create a cyber insurance policy plan that fits your individual business, not anyone else’s,” says Hawke. “The application and implementation process is pretty turnkey. You answer approximately 30 questions about your business, which equals to about two pages, and our professionals send you a quote from dozens of carriers within 24/48 hours.”
That’s not a very big time commitment for a very big potential risk.
Are you ready to take cyber insurance seriously? Contact us today to learn how our team of insurance professionals can help make sure your business is protected through a cyber insurance plan.
Interested in Thompson Insurance?
Please provide your details and we will contact you shortly.