If you are like most small business owners in New England, you probably think that cyber risk and more specifically, information security attacks, are liabilities only big businesses, like Target, Marriot Hotels, and Home Depot, need to worry about. However, if the news coverage over the years has proven anything, it’s that no one is safe from the threat of cybercrime, as large corporations, government agencies, small businesses, start-ups, and even presidential candidates have fallen prey to malicious hackers.
News coverage aside, the Insurance Journal has confirmed that over 55 percent of small businesses have reported a data breach, and 53 percent have experienced multiple breaches.
Cyber-attacks pose many risks to any organization, and the financial exposure alone can cripple a business regardless of size. However, small businesses are particularly susceptible as they have less resources to handle the financial implications, and generally, do not prioritize employee behavioral training or monitoring of their cyber network. So, it’s no surprise that Inc.com recently reported that, according to the U.S. National Cyber Security Alliance, 60 percent of small businesses are forced to close their doors within six months of a cyber-attack because they are unable to come up from under the financial implications brought on by such an event.
As your go-to resource for risk management and insurance solutions, Fred C. Church has developed simple steps to help you and your organization properly prepare for and protect against a potential data breach and the catastrophic aftermath that will likely follow.
Why Are Small Businesses Under Cyber Attack?
Unlike large retailers, global wholesalers, and national business operations, small businesses have fewer resources to help combat against cyber vulnerabilities and attacks. In fact, most small business owners do not have the financial means to even hire an experienced IT professional or IT security company to ensure that they have the necessary security systems in place to protect against such liabilities, which in turn makes them much easier targets for hackers than that of their larger counterparts. Modern-day hackers are not attacking at random, instead they are developing a strategy and devoting the majority of their time, effort, and resource to target the most vulnerable organizations.
As we touched on earlier, small business owners are less likely to make cyber security a business priority, despite the topic being openly discussed in the business world and in the mainstream media. Shockingly, only 15 percent of small companies offer their employee’s cyber training, according to a 2016 Better Business Bureau report, which is geared to educate staff on what to look for and how to respond to suspicious activity online.
Lastly, small businesses have less wiggle room to weather the financial storm of a cyber-attack. The fiscal damage for such an event can be substantial for a company of any size, but for a small company in particular, it could be the very cause of having to shut down your operation for good.
If your business was to fall prey to a malicious cyber-attack, you may find yourself responsible to pay for most of the financial impact, including the cost of a legal team due to a pending lawsuit brought on by an affected customer whose personal identifiable information was leaked, front the bill for an IT security remediation expert, data breach notification expenses, PCI Compliance and other government fines and penalties, not to mention, loss of business income and added expenses.
While preparing your organization for this constant threat may seem like a daunting task, Fred C. Church has six simple tips that you can begin integrating into your operation today to help minimize the likelihood and severity of a potential hack.
- Educate your employees about cyber liability. While the face of a hooded vigilante is what we often think of when hearing the term “cyber-attack,” most cyber breaches happen because of human error. Basic cyber training can reduce the likelihood of a majority of cyber threats to small businesses, so in addition to coaching your staff on how to properly protect sensitive customer and business data, you should plan to establish and communicate a set of data security protocols and procedures for your team to follow.
- Create a cyber incident response plan. Such a plan would educate your employees on how to react quickly in the event your network or computer system was compromised.
- Keep security and malware software up to date. Stay current with your security software, web browser and computer operating system updates. This is a great, and cost-effective way, to help protect yourself and your business from malicious viruses, malware and other online cyber threats.
- Stay alert while online. With most of our communication happening online via email and social media, it is our recommendation to err on the side of caution when it comes to random links, offers, and attachments. Hackers are notorious for creating click-bait emails and social media posts as a way to get inside the backend of your computer, and steal sensitive information without you suspecting a thing. So, if any employee has any doubts, it is best to delete this kind of correspondence right away, and notify the proper person in your organization.
- Encrypt sensitive files and information. Encrypting emails and sensitive data is a great way to ensure that only your intended recipient(s) receives information you are sending over the internet. Without possessing a unique key or password, cybercriminals will have a hard time accessing information that was not meant for them.
- Consider cyber insurance. A cyber liability policy from Fred C. Church can help you get back to business after a loss more rapidly and minimize the negative impact.
Cyber Liability Insurance from Fred C. Church
Cyber insurance can provide coverage to a variety of small businesses, including retail shops, wholesalers, manufacturers, healthcare offices, creative agencies, contractors and more, as the policy is specifically designed to provide financial aid after a cyber-attack. So, whether you own a private medical practice, a growing golf equipment manufacturer or an artisanal olive oil company, and have grown concerned about the financial implications of a potential data breach, a comprehensive cyber insurance policy is a smart and often highly-affordable investment for you to consider. Plus, partnering with an experienced team of risk management and insurance professionals, like Fred C. Church, is an effective way to safeguard yourself, and certify that you have all the business insurance coverages you need.
A standard cyber insurance policy may cover your business’ liability for a data breach involving sensitive customer information, such as banking account numbers, credit card information, Social Security numbers and health records. In addition to potentially covering any associated legal fees and expenses, this policy can also provide the financial safety net your business may need to help notify customers, restore the personal identities of affected customers, recover compromised data, and repair damaged computer network systems, and assist in protecting the brand you have worked so hard to build.
While a standard business liability policy will cover you for bodily injury and property damage resulting from your company’s products, services or operations, most policies do not provide adequate coverage specific to cybercrime. An overall rule is that most general liability insurance policies only cover about 10% of this kind of risk event. However, every business and policy is different, which is why we would encourage you to speak with an experienced, independent insurance resource, like Fred C. Church, before assuming you are adequately covered.
Our process begins with a comprehensive risk assessment to identify your unique set of risks. Once we understand what makes your business tick, and specifically pinpoint business needs and requirements, we will begin discussing our professional risk and insurance recommendations. And should you experience a loss, you can worry less knowing that you have the proper insurance coverages in place, and access to an entire team of risk management and insurance claim specialists who will ensure that your claim is processed quickly and correctly.
For more information about Fred C. Church, cyber liability insurance, or our unique risk management approach, please visit us online at fredcchurch.com or contact Monique Garrell, Fred C. Church Commercial Account Executive, direct at 978-322-7208.