It’s too easy for small to medium-sized enterprises (SMEs) to dismiss cyber crime, because they view themselves as too small to be attractive targets for criminals. However, this is not the case.
Simon Campbell-Young, CEO of MyCybercare, says that in reality, all businesses are targets for hackers, not just the large corporates. “Cyber crime is worth billions a year, but despite that, so few companies are insured against it, particularly SMEs, making them increasingly vulnerable to attack.”
He says any business that relies on data, or uses the Internet, is at risk. “Proprietary company data, employee profiles and personal information, customer data, financial credentials and suchlike – all need to be protected. The consequences should this data be breached and fall into the wrong hands, could be catastrophic. Just look at the number of high profile breaches we have seen over the past few weeks.”
According to Campbell-Young, cyber insurance covers small businesses for a variety of crimes, including identity theft, malware, hacking, online scams, phishing, fraud, data theft, and extortion. “The fact that the majority of business have an internet presence means they are in danger of falling victim to cyber crime. And remember that cyber crooks don’t necessarily need to hack your computer systems to steal data; all they need to do is get their hands on a laptop or mobile phone carelessly left lying around by an employee.”
The ways in which cyber crime can affect a company are actually a lot more numerous than one may think, and are usually not contained to a specific period of time, as the effects can be lengthy and expensive, he adds.
“Over and above general business interruption, a breach that results in customers’ personal data being stolen or exposed can result in legal fees, and costs associated with investigating the breach and notifying customers of the effects it might have on them.”
Moreover, he says that current customers are unlikely to continue using your services should their information be exposed, even if they are not directly affected. Once trust and confidence has been lost, it is difficult to get it back again.
So what does cyber insurance cover? “Although policies will vary between insurers, the average cyber insurance policy is designed to help the business with preventing breaches in the first place as well as dealing with any fallout should they occur.”
He says cyber insurance policies will typically cover the cost of restoring electronic data in the event a breach or leak, forensic services to investigate a breach, crisis management in the event an incident harms your organisation’s reputation, and help guarding against data breaches, hacking and employee error. “Some policies will also cover any legal costs associated with notifying customers and regulatory bodies in the event of a breach, as well as the associated fines if imposed by the powers that be.”