Small businesses have it tough because a single disruptive event can force them to close their doors for good. While insuring against everything from natural disasters to vandalism is a common practice, SMBs still tend to see cyber insurance as something that’s only nice to have. In reality, cyber insurance has become essential, and we explain why in this article.
The Growing Importance of Cyber Insurance
Contrary to what many small business owners still believe, cyber attacks are now one of the greatest sources of disruption. In fact, 63 percent of SMBs surveyed before the outbreak of the COVID-19 pandemic had experienced a cyber breach in the last 12 months, according to Ponemon.
The number is so high because 70 percent of all cyber attacks are targeted towards SMBs, which store the same sensitive data as large enterprises but don’t have nearly as much resources to protect it. What’s also high is the average ransom payment cybercriminals now expect their targets to pay: over $150,000, up from around $80,000 in the fourth quarter of 2019.
Not many SMBs can lose that much money and recover, especially because the direct financial impact is just one part of the true costs of a cyber breach, along with reputational damage and regulatory fines, for example.
While implementing cybersecurity best practices does make it much more difficult for cybercriminals to get their hands on sensitive information and wreak havoc, no protection is 100 percent guaranteed—no matter how comprehensive.
What’s more, organizations also have to worry about the impact of third-party data breaches, such as the recent leak of a 30 million subset of T-Mobile customers’ data, which was obtained from a T-Mobile-run database server that was connected to the internet and can be used to uniquely identify and locate a cellphone user.
Cyber insurance reduces the otherwise massive impact of a cyber breach in exchange for a monthly or quarterly fee, making it an essential investment for SMBs that don’t want to take any chances.
Cyber Insurance Doesn’t Have to Be Expensive
It’s no secret that the cyber insurance industry has been hit hard by the COVID-19 pandemic, with phishing attacks surging nearly 400 percent and ransomware attacks increasing by 93 percent. As a result, many insurers have tightened their underwriting guidelines, requiring organizations that don’t meet their cybersecurity expectations to pay a lot more than those that do.
According to Woodruff Sawyer, one of the largest insurance brokerage and consulting firms in the US, “Nearly all cyber insurance carriers now require a supplemental application that includes questions on security and process controls which would prevent or at least minimize the impact and cost of a ransomware attack.”
Unless you’re willing to pay a premium price to get a cyber insurance policy, you need to implement at least the minimum controls for protecting data that cyber insurance carriers expect to see. That’s something we at Spectrum Technology Solutions can help you with thanks to our comprehensive portfolio of managed cybersecurity services.
If you’re interested in getting your organization insured against cybersecurity incidents, then get in touch with us, and we’ll help you secure the best insurance policy for your specific needs.