Does your small business really need cyber insurance?


As a business owner or consultant, or freelancer, cyber insurance may seem like an unnecessary cost. But consider this…

cyber-attacks have been occurring ever since the Internet first came about; sophisticated hackers have found ways to breach systems we rely on around the globe and launch cyber attacks against them.

Though large companies hire highly trained developers in order to protect against cyber attacks, attacks continue to escalate every year and hackers’ arsenal of tools is becoming more potent than ever.

In 2017 alone, malware-related software programs increased by an astonishing 230,000 and were introduced every day globally. Large corporations weren’t the only victims; small and mid-sized enterprises (SME) also saw 43% being affected by cyber-attacks in 2017.

Studies conducted by the Center for Strategic and International Studies indicate that cybercrime accounts for an annual loss estimated at PS191billion.

Companies must also contend with the consequences of cyber attacks, including reduced productivity. The 2017 WannaCry ransomware attack alone is estimated to have cost companies approximately $4bn in lost hours of work.

Small companies averaged the median cost of cyberattack at around PS250,000 while larger firms could incur costs reaching millions; an estimated average costs between PS4.2m-4.4m according to NetDiligence.

How could a cyber attack affect your business?

All companies using technology as their main tool or managing customer or employee information digitally are susceptible to cyber attacks. Even one minor security breach could expose your data into the wrong hands – potentially harming not only customer privacy but also impacting negatively upon business operations.

A cyberattack would force most companies to immediately cease trading while they assess and investigate it, with potentially devastating repercussions for both revenue and reputational loss. Should hackers target customers of the business – by disclosing or targeting personal information of clients – customers could become angry, leaving the business with both poor reviews and financial damage as a result of their interactions with it.

Business must address both immediate and long-term concerns after an incident occurs, including security upgrades and staff retraining costs that many don’t factor into their annual budgets.

regulators could impose sanctions against violators of the law. Starting May 1, 2018 the Europe’s General Data Protection Regulation (GDPR) goes into effect and businesses could face fines up to 4 percent of annual revenues or EUR20m – whichever is greater – should regulators feel they haven’t safeguarded customer privacy adequately.

Few small businesses survive cyberattacks without incurring substantial damages and having to close or file for bankruptcy protection.

Cyber insurance should not be seen as a panacea to cybersecurity threats; rather it can help minimize or reduce their financial consequences in case of an attack.

As with any insurance policy, they’re useless until it becomes necessary.