Cybercrime is a whole new style of theft that impacts every type of business. As larger companies have the resources to implement safety measures, small and medium businesses have now become key targets for cybercrime. The Australian Cyber Security Centre (ACSC) has stated in its Cyber Security Survey that they receive one report of cyber-crime every ten minutes and over $AUD 300 million is lost to cybercrime from businesses per year.
Cyber insurance can cover a business from losses suffered after an attack, including any funds removed from company accounts as well as helping companies cover crisis expenses and bettering security after an attack. But does that mean your company needs cyber insurance?
Insurance, unfortunately, is not protection against cybercrime. It is designed solely to help a company recover after the said crime, so if you are unlikely to be targeted, the insurance may not be necessary. However, it is important to be aware that with more and more individuals working from home, those working through personal internet services with personal computers and in the cloud are more likely to be at risk than companies themselves.
It’s also important to be aware that some specific industries have been targeted more than others. Finder reports that healthcare/medical industries, financial services businesses, retail, construction, real estate, travel, education, insurance, and law firms are most likely to be hit by hackers.
These industries are most likely to rely on reputation to bring in new clients, and any cyber-attacks can significantly alter this reputation and harm businesses long term.
Whether you own a business or are in the market to buy or sell a business, it’s important to be aware that under the Privacy Act 1988, all businesses must notify affected individuals and the OAIC (Office of the Australian Information Commissioner) when a data breach involving clients personal information has occurred and may result in serious harm.
Considering that reputation can be altered by cyber security, the ACSC also writes that most business owners regard cyber security to be important but don’t know how to fix it, with only an average of $500 spent on cyber security.
If as a small business owner, you can’t yet afford significant cyber security, or a dedicated IT team to manage the security risks, cyber insurance would be a smart choice for you to add a safeguarding mechanism against monetary loss.
In the event that you’d like to peruse cyber security insurances, Finder suggests the following:
• Identify the possible risks your business faces: is it the interruption in business from websites going down or exposure of customers’ personal information?
• Get the correct level of cover for your business: cyber liability comes in all shapes and sizes, and so does insurance.
• Know what’s excluded from the plan: exclusions from the plan are just as important
• Check third-party negligence: if you outsource tasks such as storage, check if that third-party negligence would be covered by your insurance.
It becomes clear that cyber threats are a real liability to small businesses and can not only interrupt day-to-day dealings but reputation and sale value too. Cyber insurance can be of real value, acting as a safety net that protects sensitive information, but can also positively impact your valuation if you are looking to sell.
Likewise, acquirers searching for businesses that rely on technology should be aware of the ramifications posed by cybercrime. Ensure a sound due diligence is conducted, investigating any cyber insurance coverage.