When it comes to crime, cyber or otherwise, many people prefer to adopt the belief that only other companies face those threats. And while it is in our nature to shield ourselves, overconfidence and unawareness give criminals an advantage.
It is vital to know that there are ways to protect your company and your customers. Enhanced security and in-depth employee training are necessary, but only cyber insurance can help you deal with the aftermath of a cyberattack.
What is Cyber Insurance?
Cover, known as cyber insurance, is a type of business insurance that will protect your company from damages caused by a cyberattack. Specific policies are different, but they cover computer invasions, malicious software distribution, unauthorized use of personal and financial information, modification of data, and damage to electronic communications.
If Cyber Insurance Does Not Prevent an Attack, Do I Need It?
The answer is a simple yes. Consider the fact that your health insurance will not prevent a ruptured appendix, but it is extremely helpful in paying for your medical care.
Cyber Insurance will help you deal with the terrible and expensive aftermath of a cyberattack. In addition to legal costs, typical cyber liability insurance usually covers,
- Data Recovery Costs
- Investigation of the Attack
- Business Interruption Costs
- Extortion Costs
- Penalties and Fines Issued Because of the Breach
- Cost of Public Relations and Crisis Management
You should also be aware of what is typically not covered in a cyber liability policy.
- Replacing Damaged Equipment
- Losses Caused by Related Power Outages
- Damage to Property
- Any Intentional Act to Harm the Computer System
Understanding Your Risks
Cyber attacks and their aftermath will look different based on your industry. The following explains scenarios and aftermath based on the type of business you own.
The Construction Industry
- Risk of Business Interruption- Moderately High Risk
- Risk of Privacy Breaches- Moderately Low Risk
- Risk of Criminal Activity- High Risk
Examples of risk in the Construction & Building Industry
- One of your suppliers’ systems is taken for ransom or otherwise damaged. This results in delays and work stoppages for you due to a lack of materials.
- You receive authentic-looking invoices from a company you do business with and pay it. Later, you learn it was a fake invoice, and you cannot get your money refunded.
Education
- Risk of Business Interruption- Moderately Low
- Risk of Privacy Breaches- High Risk
- Risk of Criminal Activity- Medium Risk
Examples of risk in Education
- Compromised employee emails open the door to fraudulent activities
- Cybercriminals access student and staff files leading to the distribution of personal information on the dark web. Additionally, you could face penalties and must report the breach to all who may be impacted.
Healthcare
- Risk of Business Interruption- High Risk
- Risk of Privacy Breaches- Moderately High Risk
- Risk of Criminal Activity- Medium
Examples of risk in Healthcare
- PHI can be stolen, leading to extensive notifications and implementation of plans to correct the problem
- Ransomware or malware disrupts the delivery of healthcare
Manufacturing
- Risk of Business Interruption- High Risk
- Risk of Privacy Breaches- Moderately Low
- Risk of Criminal Activity-High Risk
Examples risk in Manufacturing
- Problems caused by hackers slow or stop your production or that of your partners
- Hackers intercept payments and other sensitive information between your company and your partners
Professional Service Firms
- Risk of Business Interruption- Medium Risk
- Risk of Privacy Breaches- Medium Risk
- Risk of Criminal Activity- High Risk
Examples of Risk for Professional Services
- Hackers can access your email and accounts and then reroute your clients’ payments or create fraudulent invoices
Public Entities
- Risk of Business Interruption- High Risk
- Risk of Privacy Breaches- Moderately High Risk
- Risk of Criminal Activity- Medium Risk
Examples of risk for Public Entities
- Sensitive information taken from your records can be shared or sold on the dark web
- Ransomware can stop public services and put the public at risk
Retail
- Risk of Business Interruption-Moderately High Risk
- Risk of Privacy Breaches- High Risk
- Risk of Criminal Activity- High Risk
Examples of risk for Retail
- A cyber attack causes you to lose money because customers cannot buy from you and, in some cases, lose faith in your ability to protect their essential information
- Your customers’ personal information is taken in a data breach. You must pay to notify customers, and you may face regulatory fines. Additionally, your reputation takes a very public hit.
Technology
- Risk of Business Interruption- Medium Risk
- Risk of Privacy Breaches- Moderately High Risk
- Risk of Criminal Activity- Moderately Low risk
Examples of risk for Technology
- Ransomware holds your system hostage, making it impossible to complete your duties
- When the information about your clients is taken, you are liable, and their personal information is up for grabs on the dark web.
Transport and Logistics
- Risk of Business Interruption- A High Risk
- Risk of Privacy Breaches- Moderately Low Risk
- Risk of Criminal Activity- Medium Risk
Examples or risk in Transport and Logistics
- Hackers access personal information and use it maliciously or to reroute payments to your company
- Your tracking systems are held ransom, causing lost items and extensive delays
If you are not convinced, cybercrime is a significant risk for your company. Look over these statistics.
- Half of all small and medium-sized businesses (SMEs) reported a cyberattack within the last year
- SMEs pay $2.2 million a year because of cybercrime
- Over 43 per cent of cyberattacks target small businesses
- 60 per cent of SMEs that experience a cyberattack go out of business within six months
- Two out of every three SMEs experienced a ransomware attack in the past 18 months. Around 20 per cent of these businesses spent $250,000 to recover from the attacks
While taking steps to prevent becoming a victim of cybercrime is always advisable, criminals constantly improve their tactics. In a 2021 study of data breaches by Verizon, the time it takes to detect a hacker is woefully slow. A hacker can nab your whole customer database in just a few hours. However, on average, it takes 200 days before the attack is discovered. That is over half a year of unlimited access to sensitive information. As you can see, cyber insurance is the best way to protect yourself and your company from cyberattacks.
You have worked hard to get your business up and running, so do not let hackers tear apart what you built. At Grace Insurance, we offer our clients comprehensive and customizable cyber insurance to help protect what is yours.
Cybercriminals are devoting 100 per cent of their efforts to attacking businesses just like yours. Can you afford to let them get away with it? Reach out to us for information about insurance cover and ways to mitigate risks.
**Please Note**
The material provided is for informational use only and does not constitute legally binding insurance advice and is not intended to replace an individual consultation with a knowledgeable representative of the insurance industry. For advice specific to your business, speak with an insurance professional who knows the specifics of your company.