Guest Post by: Katrina Manning
Amongst people and businesses alike, it is a common thought that only government entities and major financial institutions are at risk for some sort of cybercrime. That is far from true, though. Realistically, small businesses are some of the most common to be targeted for cybercrimes. This is because generally, their company’s databases and websites do not have such adequate security measures and devices set in place to stop these types of things from happening.
Harold W. Soden Jr., an insurance and risk management advisor for Oliver L.E. Soden Agency that is a Trusted Choice Shrewsbury says, “The most common cyber-crime we see is data being encrypted and held hostage for a ransom.”, adding that “Businesses lose time and manpower trying to restore their data or end up spending money to hire a specialist to unencrypt the information”.
What are the potential cyber risks?
What are potential cyber risks concerning your business? In most cases, businesses are a direct potential target for some sort of cyber-attack. When you talk about cyber risks, it is commonly thought to be the work of a hacker, or something of that nature. This is not completely true though.
A cyber-attack can also happen from things like faulty hardware, a corrupted system, and even natural weather disasters like tornadoes, lightning strikes, etc… Things of that nature. No matter the reasoning behind these cyber risks, if your company loses crucial data, that could potentially put you and your customers alike at a major risk for cybercrimes to happen against you. Even your online inventory can disappear in seconds through a well-planned hack.
Most common types of cyber risks for small companies
When talking about cyber risks in relation to small businesses, there are three major types that you need to be aware and protect your company from. The three types are natural, intentional, and human error.
Natural cyber risks are things like a power surge, tornado, or lighting straight. These events are possible cyber risks because they could potentially wipe your whole database clean. If this takes place, your whole business could be stuck at a standstill until the issue is fixed.
Intentional cyber risks would be when an outside person like a hacker, or possibly a dissatisfied employ or former employ. They have the potential to either steal, tamper or destroy information that ids critical for the daily operation of your business to run smoothly.
Human error cyber risks are, unintentional acts resulting from someone not thinking clearly, or not following guidelines and procedures as they should. This could be something as simple as an employee misplacing their laptop that has crucial information on it somewhere that is accessible by someone who wants to cause damage, or harm to your company. With this in mind, it is critical to help employees adapt to new technology.
How to know what kind, and how much cyber liability insurance you should have
Trying to figure out exactly what in your company is exposed online to possible cyber risks, and what you can do to protect your business can be a sometimes-difficult question to answer, including what type and how much insurance your business needs to be kept safe from cyber risks. Here are a few things to consider when figuring this out.
A big topic to look at when discussing cyber insurance for your business is, does your business get or obtain crucial and private, protected health information (PHI) from customers? Does your company happen to obtain payment card industry data from its customers and/or members? Along with the question, does your business obtain and collect any other private and confidential corporate information from your customers, members, or business partners?
Another big area of concern to look at for your own business is, does it obtain and/or collect personally identifiable information (PII)? These would-be things like date of birth, driver’s license numbers, social security card, banking information, etc.
If you happened to answer “yes” to at least one of the various questions above, then in fact you do have some form of cyber liability. With a variety of business insurance available, you should highly consider adding cyber liability insurance for your small business.
Eric Johnson, VP of Affinity Nonprofits says that, “If information is being collected on your behalf, it is your responsibility, and that data is the association’s responsibility even if there is a third party involved in the collection or management of it.”
Aside from protecting your business form potential cybercrimes, getting some level of cyber liability insurance can also bring you peace of mind, and less stress over potential devastation of your business. Not only could you lose crucial data in a cyber-attack, but you could also face being sued by your customers for not safely and securely protecting their sensitive and private information.
After a cyber-attack takes place, recovery and cyber cleanup can be a very time consuming and financially costly event. When looking for liability insurance, take into account ones that offer business interruption, rebuilding data systems, and notifying customers of the data breach, if one takes place.
Image by Retune.com