Do I Need Cyber Insurance?

Cyber attacks are no longer the stuff of fiction. Digital security should be a high priority for your business, no matter what your industry.

If your business uses email, holds customer data and takes online payments, cyber insurance is essential. Even if your business just has a website, you could be at risk of data breaches. The size of your business doesn’t matter: cyber insurance is always a good idea.

In this article, we’ll answer the following questions:

• What is cyber insurance?
• Does my business need cyber insurance?
• What does cyber insurance protect against?

As more and more businesses find their feet online, cyber insurance is becoming essential. Any business which operates digitally will benefit from the protection it offers.

What is cyber insurance?

The internet has unlocked lots of opportunities for businesses all over the world. However, it has also increased the possibility of suffering a cyber attack.

No longer a far-off sci-fi fantasy, cyber attacks are very real and very harmful. Criminals use increasingly sophisticated techniques to obtain sensitive data which they then abuse or sell to third parties.

For this reason, any business, big or small, needs to strongly consider purchasing cyber insurance.

Consumers expect businesses to handle their information responsibly. Meanwhile, harsh regulations promise heavy fines for breaches in data security. Cyber insurance can help protect businesses if the worst should happen.

You need to consider cyber insurance if your business:

• Relies on computer systems and online software for day-to-day operation
• Holds sensitive data about customers or employees (e.g. names, addresses or financial information)
• Owns a website
• Has a payment card industry (PCI) merchant services agreement in place

Cyber insurance will help pay for damages and new security measures if your digital security falls foul of an attack.

What is cyber crime?

‘Cyber attack’ is a broad term that covers a range of different breaches, including malware, social engineering and denial of service (DoS) attacks.

Malware is a category of software most people are familiar with. It is often installed on digital devices without the victim’s consent, and enables criminals to record information or exploit the capabilities of these devices for their own ends. Malware can include viruses, trojans and ransomware.

The WannaCry ransomware attack in 2017 spread to 150 countries and affected organisations as diverse as Honda, FedEx and the NHS. This ransomware planted an infection in computers, holding encrypted data to ransom and demanding money for its release.

Social engineering is a catch-all term for a type of cyber attack which focuses on the individual. For example, phishing emails are a type of message which looks genuine, claiming to be from an institution like a bank or phone company. But the login information is false, designed to trick you into disclosing personal and financial information.

Other examples of cyber attacks include scareware – which intimidates victims into installing fake virus protection software – and DoS attacks, which targets a particular network and stops its intended users accessing it. The attack usually achieves this by bombarding the network with lots of traffic or information with the intent of causing it to crash.

In 2015 all of the BBC’s websites were knocked offline in a DoS attack. A subsequent BBC News report said that the culprits, a group called New World Hacking, did it to “test its capabilities”.

Cyber insurance and your business

Even after reviewing this information, you may not think your business would be an attractive target. Unfortunately, an easy target is often the attractive one to cyber criminals. Criminals prefer targeting a smaller institution with less money and fewer security protocols, even if it means a smaller bounty. This is because they don’t want to spend the time and effort hacking into large systems with advanced security and risk getting caught.

So, your annual turnover or number of employees doesn’t matter: if you are trading business, you are at risk of a cyber attack. To mitigate this risk, it is advisable that you seek out cyber insurance.

When criminals raid databases and hack websites and payment processors, the damage takes time and money to put right. There is also the loss of customers’ trust if the attack goes public, which is not a risk to take lightly.

A cyber insurance policy helps you cover the cost of diagnosing the root of the attack and repairing your systems. But it also covers lost revenue and security upgrades. Talk to our Cyber Insurance Experts today to find out more about cyber security and how you can protect your business.