Who needs cyber liability insurance?
We’ve all seen the alarmingly regular stories about big multinational companies falling victim to cyber-attacks. With that in mind, you’d be forgiven for thinking cyber criminals are only interested in the big boys.
Well, are they? As a small-business owner can you simply sit back and relax?
Sadly, the answer is no. If you use email, hold customer data, take online payments (or even if you just have a website) you could be at risk.
The butcher, the baker, the candlestick maker
There are a whopping 5.4 million SMEs in the UK, making up over 99% of all businesses. That’s a big pond for hackers to fish in. Although any one business on its own might not seem a lucrative target for cybercriminals, add up the small gains (in data or money) and it’s clear there are rich pickings.
There are several reasons why a hacker might target you or your business, but most of the time it’s quite simple: your money, your data, your customers’ money, and your customers’ data. All of it in one go, ideally.
It’s sometimes easy to assume your business doesn’t have what hackers want. But it’s safer to assume it does.
- IT consultants hold data including names, addresses, passwords and other personal information
- Marketing consultants hold reams of company information and confidential strategic information
- Photographers hold contact information, personal information and store images of their clients
Each of these businesses needs to keep its data both safe and easily accessible, meaning each one is a potential target.
Hacked and held hostage
But of course, hacks and data breaches are just one type of cybercrime. A particular favourite of the small-time cybercrim is the good old ransomware attack. The key here is the ransom amounts demanded – they might be relatively low but that makes them more likely to be paid. A few thousand here and there might not seem like much but, again, add it all up and it’s like winning the cybercrime lottery.
A good example is the case of MNH Platinum, a vehicle hire company in Blackburn. It was forced to pay a £3,000 ransom after hackers unleashed a virus that encrypted over 12,000 files across their network. Files they needed. They had no choice but to pay up, and then invest more time, money, and resources into discovering exactly how the breach had occurred.
Managing director, Mark Hindle, wisely said, “I’m thankful we had a lucky escape, in that I was able to retrieve the documents that are crucial to the running of the business, albeit at a price.”
Although it’s debatable MNH actually was in any way ‘lucky’, its experience could’ve been a lot worse. There’s no cap on what ransom could be demanded, what data could be stolen, whether it’ll be returned if payment’s made, or what emails could be sent out – apparently from you – to your entire contact list.
You might not think your business is a likely target, but you’re right to think it could be an easy target. It’s unlikely you have the money, knowledge, people or procedures to keep up with the evolving world of cybercrime. That’s a problem because hackers like an easy life – they’d much rather target a small business if they can get into its systems in a way they can’t with a large one.
Really, it doesn’t matter how large or small your business. Raided databases or hacked websites take time and money to fix. The business cost of seeing to the immediate problem and dealing with the consequences isn’t to be taken lightly.
But you don’t have to be the weak link: cyber insurance helps get you back on your feet following a cyber-attack. It picks up the tab for the obvious things like finding out what happened and repairing your systems, but it covers the unforeseen expenses such as dealing with regulators and losing revenue from being offline too.
So, who does need cyber liability insurance?
Everyone. But especially you.