Corporate security isn’t keeping up with protecting its critical infrastructure fast enough. Hackers around the world are getting bolder and more sophisticated – and every business is susceptible to an attack.
This year alone has seen Under Armour’s MyFitnessPal app compromised with usernames, email addresses, and passwords from roughly 150 million users. More than 300 universities in the United States and abroad, fell victim to 31 terabytes of stolen data, estimated to be worth $3 billion in intellectual property.
And of course – the massive Facebook data hack that exposed more than 50 million users’ private information, not to mention the British analytics firm that got access to 87 million users’ private information last year.
And these are only a few of the big data hacks within the last year.
How would you respond to a ransomware attack on your business?
Picture this, you’re strolling into work after a refreshing long weekend only to be bombarded by your IT department with frantic emails that you’ve been hit with a massive ransomeware attack. Your entire system is now locked down, hackers are demanding money for your data to be released and your entire operation has grinded to a halt.
You might be carrying sensitive data from your clients that’s now leaked, which you are held liable for. There could be significant downtime to your operations, which hits your cash flow and your payroll. You’ve now got a public relations crisis on your hands with the health of your company hanging in the balance.
Do you know what to do in the immediate aftermath? Do you have a plan in place to get back up and running? Do you think you’re one of the lucky few that will be able to withstand an attack without a plan?
Cyber security is a growing concern for businesses
Ransomware attacks and cyber extortion is becoming increasingly popular among hackers targeting businesses with a lack of resources and technical expertise, leaving many vulnerable to large data threats. People are starting to understand that cyber criminals are no longer just targeting large data-heavy companies; they’re looking to disrupt any business from any sector with a vulnerability they can target in return for a ransom.
As a business owner, it is vital to the health of your company to understand the gravity of this situation and what could happen to you if you aren’t protected.
Did you know that one-third of Canadian firms don’t report carrying cyber insurance? I would even go as far as saying that more than half of Canadian businesses do not carrying any type of insurance for this.
“Cyber insurance is not just another cost to your business.”
Hackers are getting smarter and smarter, so the exposure is getting greater and greater. In this day and age, anyone is susceptible to falling victim of a cyberattack. You’re just asking for trouble when operating a business without these forms of insurance.
We understand that business owners have so much on their plates, with a never-ending list of things to do. So their IT department might be telling them they have all the necessary protocols and protections in place, and that an attack would never happen, or they just don’t carry sensitive customer information; so therefore they feel they don’t need cyber insurance. Does this sound familiar?
It’s about adapting to the modern challenges of running a business. Cyber insurance coverage is your personal or professional fail-safe for if and when a breach or cyberattack occurs. IT departments and business owners need to be on the same page and know about this, because you are held entirely liable.
Can you answer these 5 cyber questions?
Concerns over data breaches are hitting an all-time high. It’s about being proactive rather than being reactive in the wake of a breach. Here are five very pointed questions (bringing back the question from a paragraph earlier) you need to ask yourself to get out ahead of a potential breach.
- How would you respond to a ransomware attack on your business?
- What would you do if you get sued?
- What happens if your business grinds to a halt because of a breach?
- Are your protocols and software being farmed out or handled in house?
- Does your IT team have a plan in place?
If you can’t answer all of these very straightforward questions, or you seem hesitant on some of them – something has to be done.
How to protect your company with cyber insurance
Cyber insurance that are offered by specialized insurers in cyber liability provide the best coverage, because there are all sorts of 3rd party services that you would have access.
Here is the top five added-value when considering cyber insurance.
- PR firms
If you are dealing with a really bad breach, sometimes the professional reputation of your company is the last thing you’re thinking about, given all the other critical issues that are piling up. Through a cyber policy, you get access to top PR firms to get out ahead of that for you and control the narrative in the market.
Human error is such a large exposure for everybody, and how easy a data breach can happen, with scenarios like, forgetting your laptop or mobile device offsite or phishing attempts.
Through the insurer of a cyber policy, you can get access to professional coaches who are well versed in this field to help provide insight and counsel throughout the process.
Even just filling out an application for insurance can help a business develop their cyber and privacy breach protocols and help their IT department think about different software they could buy.
Insurance companies will ask about protocols and software and if it’s being farmed out or being handled in-house. So as a business owner going through this process, you will understand what needs to be done to help bolster the front lines of your IT department, in addition to helping with system damage and restoring data.
- Law firms
You get access to large established law firms that can help defend you if you were being sued, plus coverage for legal expenses resulting from a privacy breach.
- Business Interruption coverage
If there was a cyber attack, you get immediate access to experienced breach response teams and IT forensic experts to help with data restoration to get your company back up in working order.
How a broker helps you navigate all of this
A broker can present different products to them because we have access to different carriers and we’re experienced in cyber liability. Brokers could sift through the market and provide different options, because each insurance company is handling cyber differently.
- Brokers uncover your primary concerns
We would have dialogue with the clients about what they’re most worried about.
- Brokers help you think differently
We discuss how claims happen, and help you think about different scenarios. We would bring your attention to some of these exposures and present some things to you that you might not have thought about.
- Brokers tailor a unique plan for your business
We would tailor something together that is unique and customized to your needs and your business that is built around the type of customer data you were holding. It’s the brokers job to sift through what the different carriers are offering, and speak to you about your needs to find out what the best option would be.
- Brokers keep you up to speed on the market climate
For example, on November 1st, 2018 there are changes where Canadian companies have to inform customers and the Privacy Commissioner when there is a breach of private information. Most clients wouldn’t know what their obligations were around the privacy act and data breaches – that’s where a broker steps in.
The unfortunate truth is that many businesses are so unprepared for this type of scenario, and it can happen to anyone. Approaching this with the mindset that “it won’t happen to me,” can be absolutely deadly.
This narrative isn’t going away anytime soon. Don’t be another cautionary tale.