Cyber Liability Insurance: Four Ways to Safeguard Your Small Business
Since big companies such as Target, with nearly 2,000 stores in the U.S., and Equifax, with more than $3 billion annual revenue, are targeted by cybercriminals, one might think small businesses would not need cyber liability insurance. This could not be farther from the truth.
Unfortunately, small businesses also are targeted with depressing frequency. According to the Congressional Small Business Committee, 71 percent of cyberattacks are directed at businesses with fewer than 100 employees.
What’s more, Ponemon’s and Keeper Security’s 2016 small and medium-sized businesses cybersecurity report noted 50 percent of small businesses had a security breach during the previous year. It isn’t because cybercriminals are ill-informed or not ambitious. While cyberattacks on big companies can generate vast quantities of valuable data, these companies typically are well-defended. Although small to medium-sized businesses are less valuable targets, their information technology systems are easier to penetrate.
Four ways your small business can strengthen its defense against cyber crime:
1 – Improve Workplace Security
Company insiders are responsible for 60 percent of cyberattacks, according to IBM. Who is an insider? Anyone who possesses credentials enabling physical or remote access to a company’s digital assets.
The solution? Start by awarding credentials for access to sensitive digital assets only to those who have earned your complete confidence. If an employee or contractor is fired or chooses to leave your firm, quickly block access to digital assets. An employee or contractor who copies digital assets onto a portable drive can do as much damage as a hacker who infiltrates your IT system remotely. As a result, stringent physical security is the starting point for effective cybersecurity.
2 – Understand Ransomware
Individuals perpetrating ransomware can only succeed in restricting access to your company’s computer system with the help of employees and contractors. Curb these efforts to hold your company hostage by following these rules of thumb:
- Train contractors and personnel to recognize bogus emails and advertisements.
- Stay current on all IT protection systems, including anti-virus software.
- Do not click on unknown emails or attachments.
- Do not connect unprotected personal devices such as flash drives to company IT systems.
3 – Beware Wi-Fi Hotspots
Since 95 percent of Wi-Fi traffic is un-encrypted, employees and contractors should use caution before accessing your company IT system via a hotspot at a Starbucks, Panera, train station, hotel or other public space. All digital assets will become vulnerable if the hacker deviously working at the next table or across the lobby penetrates your corporate server. Here are 4 ways to manage this risk:
- Nothing is for nothing, including any network labeled “Free Wi-Fi.” Don’t accept this particular form of charity.
- Before logging in, set all websites to “HTTP secure.”
- Use a virtual private network before logging into a company network.
- Do not access personal financial accounts via a Wi-Fi hotspot.
In fact, anytime a user name and password are required to gain access to a website, put the time to better use by getting up to order another cup of coffee. It has been said it isn’t a matter of whether or not a cyber intruder will victimize a company, but when. To best defend against such an event, prepare an action plan in advance.
4 – Purchase Cyber Liability Insurance
According to UPS Capital, a cyberattack costs a small business $84,000 to $148,000. What’s more, 60 percent of small businesses go out of business within six months of an attack. While the first wall of defense against cyber-risk is a comprehensive data security plan, no amount of preparation can fully protect a firm from a breach. This cyber-risk must be transferred to insurance. Because of potential limitations of standard liability coverage when dealing with the evolving cyber environment, work with your broker to transfer your cyber-risk to cyber liability insurance products.
Contact us below and we’ll help you determine the right level of cyber liability insurance for your business.
Bob Dietzel is the Co-Founder and Principal at KMRD Partners Risk & Insurance Solutions, a leading risk management and human capital solutions firm the Philadelphia region.
The content available on or through this e-letter is in no way intended to and shall not be construed to constitute professional medical, health, legal, tax or financial advice. KMRD Partners disclaims any liability or loss in connection with the content contained in this e-letter.
How KMRD Can Help:
KMRD delivers risk management and human capital solutions to over 2000 clients nationwide. Our award-winning team, disciplined approach, proven processes, combined with our risk management portal make KMRD the leading choice to improve general liability protection and reduce the overall cost of risk.