Cyber insurance can save organizations big money if they’re victimized by cybercrime—and save smaller businesses, period.
Technology makes our lives easier in many ways, but it also opens us up to new forms of theft and criminality.
Rather than physically breaking into a business and taking cash and product, criminals can steal information, including social security numbers and credit card numbers, doing immense damage to a company and its customers.
Not only does a data breach harm a business’s reputation, as individuals will have trouble trusting the company again, but it also leads to expenses recovering the data and making things right with customers. There could be liability and business closure expenses, as well.
Cybercrime can ruin small and medium-sized businesses because they often don’t have the resources to eat these costs and continue operating.
Fortunately, there’s cyber insurance available that can keep these businesses afloat while they attempt to regain the trust of their client base. Here’s a look at some of the main reasons why companies are investing in these policies.
How common is cybercrime?
Companies of all sizes are increasingly reliant on technology. While using computers and other devices to complete transactions and store information is fast, convenient, and relatively inexpensive, it opens these organizations up to cybercrime.
Cybercriminals have expanded their targeting to small and medium-sized businesses because many don’t have the resources to protect themselves. In fact, a 2019 study by the Ponemon Institute suggests that 66% of SMBs had experienced a data breach in the past year. In addition, Verizon reports that 28% of data breaches in 2020 victimized small businesses.
When factoring in all data breaches in 2020, 86% were financially motivated, and 43% involved web applications. It’s also worth noting that 70% of attacks were external, while 30% involved someone inside the company who mistakenly or maliciously enabled access.
Since 60% of all SMBs shut down within six months of being victimized by cybercrime, it’s in these companies’ best interests to do something to prevent it from occurring—and having insurance in place when a breach happens.
The cost to businesses
With so many companies being victimized by cybercrime, it makes sense that there would be a high cost involved. But how much?
According to the Ponemon Institute, the average cybersecurity compromise costs a small or medium-sized business $1.24 million. And that’s just the expense of dealing with the breach itself, as the corresponding business shutdown while the situation is sorted out may involve an additional $1.9 million on average. With costs like those, it’s easy to see why many smaller companies go out of business after being victimized by cybercrime.
There’s the issue of liability, too. In 2019, Marriott Hotels was penalized about $123 million for an ongoing data breach between 2014 and 2018 that exposed the records of 339 million guests. While the fine was later reduced to less than $23 million—and that is a huge company, of course—expenses far less than these would cripple a smaller business.
Fortunately for the global hotel chain, they had cyber insurance, so they didn’t have to pay everything out of pocket. It’s also estimated that cybercrime will cost businesses of all sizes $10.5 trillion per year by 2025, an astronomical number.
The protection cyber insurance provides
These numbers seem pretty bleak, particularly for smaller companies that don’t have the resources to recover from the financial fallout. But there are some things smaller businesses can keep in mind to reduce the chance of being victimized.
First, training staff and investing in the necessary security measures make it less likely that you’ll become an easy target. Employee errors, including password theft, are common causes of cybercrime. You might also consider using an off-site or third-party source to back up your files and data, so you don’t have to store valuable financial or health information on the premises.
If businesses take some simple precautions, they can present a more challenging target, and there’s a chance these criminals will simply try elsewhere.
Cyber insurance is also quickly becoming an essential part of commercial insurance because it provides financial coverage if you experience an attack that hurts your company and customers. These policies typically cover costs associated with notifying customers of a data breach, restoring stolen customer identities, recovering data, and repairing computer systems.
A general liability policy won’t provide coverage if a business falls victim to cybercrime—it requires a dedicated type of insurance.
NICRIS Insurance is available to help New York businesses with their cyber policies. Our team will assist as you find a strategy based on your annual business revenue, ensuring you have enough coverage to keep your company protected.
NICRIS Insurance focuses on providing clients with the appropriate suite of products to protect them, their interests, and their loved ones. If you need some insurance advice or would like a free, personalized insurance review, just drop us a line, visit our offices Monday to Friday 9 to 5, or call (516) 544-0006.