Cyber risk could be considered a frontier area among the many areas of risk businesses face. While the nature of the threat has yet to be fully understood, being targeted by a cyberattack is all but inevitable.
Unfortunately, small and medium-sized businesses are particularly vulnerable, as they may not have the same sophisticated cybersecurity defenses as larger organizations. But some steps can be taken to prepare for and respond to cyberattacks, even for businesses with limited resources.
When a breach occurs, having a fast, efficient, and effective response can help limit losses and provide the information needed to make decisions and act.
Furthermore, cyberattacks can cost thousands of dollars, and cyber liability insurance can significantly impact a small business’s ability to navigate and survive these attacks.
Understanding Why Cyber Criminals Focus on Small Businesses
Amid the increasing prevalence of cyberattacks on companies, hackers target small businesses because they have fewer security solutions to prevent attacks.
According to a Nationwide Survey, 83% of small business owners offer employees the option to work remotely, yet only 50% of small business owners have updated their remote security protection.
Illustrating the Threat: A Real-Life Cyber Incident
Consider this real-life example of a cyberattack on an organization:
After more than 30 years in business, a medical practice management company started its day like any other, only to realize it couldn’t access any of its computer systems. The company’s IT staff discovered that nearly all their files, including their backups, had been encrypted.
Shortly after discovering the incident, their cyber insurance provider and a dedicated digital forensics response team, Coalition Incident Response (CIR), got to work to help the company recover. Unfortunately, CIR quickly determined that the company had been infected with HelloKitty malware. This dangerous ransomware variant is known to exfiltrate its victims’ data before encrypting it. So, with their backups fully encrypted and without any other options to restore their operations, the company decided to pay the ransom to restore their functions.
Fortunately, CIR was able to negotiate the ransom demand down by nearly 75% from $750,000 to $200,000 and proceeded to help the company restore all of its data. In addition, the costs to respond to the incident, recover lost data, and pay the extortion, together with the lost income resulting from the incident, were covered by the company’s cyber insurance policy with Coalition.
Claim Scenario provided by Coalition
Strategies for Preventing Cyber Attacks on Small Businesses
For small businesses hoping to ensure their networks can minimize or prevent an attack, several types of antivirus security software are available, with hardware and software-based firewalls.
Small business owners should invest in data backup systems separate from the current operating system, encryption software, and multi-factor authentication or password security software.
In addition to the software solutions, small businesses should adopt certain security hygiene practices: Keep software up to date, educate employees, implement formal security policies, and regularly communicate what not to do.
Lastly, practice your cyber defense response plan; a cyberattack is inevitable with all the best efforts. According to the National Cyber Security Alliance, nearly 60% of all small businesses close within six months of a cyberattack. Therefore, it is paramount that your organization has a plan in place to respond quickly to minimize damage.
The Role and Benefits of Cyber Liability Insurance
One of the benefits of Cyber Liability Insurance is that it can provide access to a team of professionals who can respond quickly and effectively in the event of a data breach. This team may include forensic experts, attorneys, breach response specialists, and credit monitoring companies, all working together to mitigate the damage caused by the breach.
Cyber insurance is a tool to protect the corporate balance sheet from losses not typically covered under traditional insurance policies. In addition to first-party costs like forensic investigation and notification, cyber insurance extends to third-party claims alleging unauthorized disclosure of personal information or other confidential data.
By investing in Cyber Liability Insurance, businesses can gain peace of mind knowing they are better prepared to handle a cyber attack’s financial and legal consequences. And with the support of a team, they can respond quickly and effectively to minimize the damage caused by a breach.
Take Action to Safeguard Your Company
Find out how Mason-McBride can help protect your business and request a proposal.
For helpful tips on other popular topics, check out articles on:
- Decoding E&O Insurance Policy Language
- Ransomware Developments
- Cybercrime Targeting Small Businesses
- Cyber Coverage Exclusions
Article By Jamie Parry
