In recent years cyber attacks have emerged as one of the most significant threats facing organisations of all sizes.
A recent survey conducted by the Department for Digital, Culture, Media & Sport as part of the National Cyber Security Programme, found that over 40% of businesses have reported a cyber security breach or attack in the last 12 months, and these are just the ones that were reported!
With 98% of businesses dependent on some form of digital communication or technology, be that email, web-based platforms, social media or online banking, it’s important that business managers have a cyber risk management procedure in place and cyber insurance to recoup losses in the event of a data breach.
Why is cyber security so important?
In this modern world of continual IT advancement and increased dependency on the internet, cyber security should be a vital aspect of risk management for the majority of businesses, yet statistics show that while 75% of businesses rank cyber security as a high priority, less than 30% currently have formal cyber security policies in place.
By investing in appropriate cyber security measures for your business, you will:
• Protect customer and consumer data
• Prevent fraud or theft
• Protect your organisation’s reputation
• Protect intellectual property and other assets
• Prevent business interruption
• Comply with laws and regulations
• Protect your IT systems from viruses
What could be the impact of a cyber security breach?
The average cost of a cyber security breach for businesses is £3,100, with this cost including new cyber security breach measures to prevent recurrence, legal fees and downtime where employees are unable to get on with their daily activities. However, the financial impact of a cyber security breach is just the beginning; indirect costs such as reputational damage and loss of customers also need to be considered.
What factors contribute to my cyber security risk?
The truth is, any business (big or small) could be a victim of a cyber attack, but there are certain factors that can increase your cyber security risk.
Storing personal data is the big one. If your business holds any personal data on customers, employees or patients, you are more likely to be the target of a cyber attack. Personal data thefts were the highest ever in 2017, with almost 175,000 cases recorded – a 125% increase compared with 10 years ago*. With big names such as British Airways hitting the headlines for data breaches in 2018, it just shows that no business is safe, and we could see these 2017 figures on the rise.
Other factors that could increase your risk of a cyber attack include allowing employees to use their own devices for work purposes and using externally hosted web services to host websites, email or transfer and store data.
Why does my business need cyber insurance?
Even with the proper cyber security measures in place, cyber attacks are getting more and more sophisticated and when you consider the potential costs and losses your business could incur from a cyber attack, a cyber insurance policy will provide you with the peace of mind that your business and customers would be protected in the event of a cyber breach.
Investing in a cyber insurance policy will protect your business from the costs relating to:
Privacy breach – depending on what kind of cyber insurance policy you have, (First Party Coverage or Third Party Liability) this could cover costs arising from dealing with a security breach, such as notifying customers, privacy infringement claims and associated legal costs.
Third Party Liability is essential to businesses that hold large quantities of personal data and covers claims against your business by people who have been impacted by a data breach, e.g. if a customer sues your businesses for negligence after their personal data is lost or stolen.
First Party Coverage covers losses sustained by your business directly, including damage to your electronic data and systems.
Cyber extortion – a cyber insurance policy could cover you in the event that your organisation is infected by ransomware, or any other malicious software that attempts to seize control of or withhold access to your business-critical systems until a fee is paid.
Digital asset replacement – in the event that your organisation’s digital assets are lost or corrupted as a result of cyber crime.
Business interruption – if your business experiences a cyber attack that disrupts business operations, your cyber insurance policy may cover your loss of income during the interruption.
Media liability – in the event that a libel, slander, defamation or infringement of intellectual property rights claim is made as a result of your digital media presence.
Forensic support – gives your organisation 24/7 support from cyber-specialists following a hack or breach.
Reputational damage – your cyber insurance policy may recoup lost profits directly attributed to a cyber attack.
Management liability – your cyber insurance policy may cover costs associated with defending senior management following a cyber attack.
With the potential damage and cost to businesses being so high, business owners should look closely at the procedures they have in place to boost their organisation’s cyber security.
Robison & Co Insurance Brokers are specialists in cyber risk management, providing robust cyber insurance policies to protect your business in the event of a cyber attack or data breach.
For a free audit on your existing cyber insurance policy, or to discuss taking out a new cyber insurance policy, contact Robison & Co on 01730 265500. We’d be happy to discuss your requirements to ensure you’re getting the right level of cover for your business.
If you’d like to asses your cyber risks, why not download our Cyber Risks Exposure Scorecard
2018 Cyber Security Breaches Survey commissioned by the Department for Digital, Culture, Media & Sport as part of the National Cyber Security Programme.
*Statistics from Cifas, the UK’s leading fraud prevention service