It doesn’t matter how careful you are. Chances are that your organization has already been, or soon will be, the victim of a cyber crime. Malware, ransomware, phishing schemes, and data breaches are just a few of the most common types of cyber threats. Their impact ranges from mildly annoying to majorly expensive and disruptive. When a cyber criminal targets your company, will you be prepared?
Small businesses are especially at risk.
As the owner of a small or medium sized business, you may think that cyber criminals wouldn’t waste their time targeting you. But recent statistics estimate that 43% of cyber crime is directed at small and mid-sized organizations. Small businesses often don’t have the resources to invest in the latest security measures, making them easy prey. Non-profits can be victims, too.
The impact can be fatal.
Cyber threats are sometimes caused by criminal acts, but can also happen unintentionally. Regardless of how it occurs, a cyber incident has the power to destroy your organization. Consider this frightening fact: 60% of companies that fall victim to a cyber attack go out of business within 6 months.
“Every company, regardless of size, needs to regularly review their cyber liability exposure,” says Dave Binsfeld, executive vice president of General Southwest Insurance. “The threats are constantly changing, as are the rules companies have to follow when their clients’ data is compromised.”
A dangerous assumption some business owners make is thinking that their regular business insurance policies will cover a data breach or other cyber incident. In fact, general liability and D&O policies were never intended to provide this type of protection, and many now are written to specifically exclude cyber liability.
How can you protect your organization?
There is no one-size-fits-all policy for cyber liability. Every business requires something different, so it’s important to work with a knowledgeable advisor who understands the complexities. One of the most important things to understand is that there are two distinct types of cyber liability coverage, and most companies need to have both:
- First Party coverage: Provides reimbursement for direct expenses, such as system repair, ransom payments, loss of income, public relations expenses, or the cost of credit monitoring for affected clients.
- Third Party coverage: Protects you in the event your system or one of your employees is responsible (directly or indirectly) for a cyber incident. Covered expenses might include government fines, legal costs, or claim settlements.
Organizations can also subscribe to services to assist them in the event of a cyber incident. “For companies that have a data breach,” says Binsfeld, “what typically ruins them is them is either 1) the damage to client relationships or 2) the staggering amount of time that has to be devoted to cleaning up the mess.”
A remediation company will handle much of the clean-up for you, making sure your business is compliant with the latest regulations and allowing you to stay focused on your daily operations. “This is not an insurance product,” cautions Binsfeld. “It’s designed to work along-side a comprehensive cyber insurance policy.”
Is it time for a cyber-checkup?
If you’re unsure about your company’s cyber threat coverage, or haven’t reviewed it in over year, visit our website to learn more or contact your General Southwest advisor for an evaluation.