It’s no secret that most businesses aren’t protected from cyber threats. And, with the ongoing economic uncertainty, these businesses aren’t likely to be considering this vulnerability as a priority.
While understandable, right now is the perfect time to invest in Cyber & Data insurance. We’ve asked our resident cyber expert, Sam, to explain why.
The threat is real
The online nature of cyber threats makes them a difficult threat to detect. And as it’s such an intangible area, there seems to be a distinct polarity between those in fear of an attack and those who feel they’re so well prepared that an attack could never happen to them.
As always, reality lies somewhere in the middle. But it’s this lack of awareness of the level of risk they’re running that brings businesses to their knees when they’re actually under attack.
When we raise this, some of the most common objections we hear are:
The first two would get you favourable insurance terms, sure. But none of them remove all the risk.
Firstly, Cyber & Data insurance is a lot more than protection against potential ICO actions. So, it doesn’t matter if you don’t hold sensitive data – you can still be attacked, and the attack can cost you a whole lot of revenue if it causes significant downtime.
Secondly, while your business may have state-of-the-art security, your employees are still human, and therefore not infallible. In fact, according to IBM, over 95% of successful cyberattacks and incidents result from human error.
Finally, there’s no such thing as ‘too small to be targeted’. Attacks on big businesses make headline news, attacks on SMEs do not. This gives the false sense of security that small businesses aren’t targeted, when the reality is the opposite. In fact, a report from Verizon revealed that 58% of data breach victims were classed as small businesses.
Of course, you might be thinking that the risk has always been this high. So why would investing in Cyber & Data insurance now, as opposed to after the pandemic, help me? Well, until now, the demand for it has been relatively low, making it cost-effective to proactively protect yourself. But that’s changing…
Premiums are on the rise
It was inevitable really. Cyber & Data insurance had a honeymoon period where very few companies purchased cover, meaning that claims were few and far between. This led to competitive premiums eventually attracting large numbers of SME businesses to take the cover.
As a result, the industry saw both an increase in the numbers of insured businesses, and an increase in the annual costs of claims. My opinion? This has been driven by the participation of the SME sector, where average premiums are low but claim costs can still be very high. Especially if the attack caused significant disruption.
We’re now starting to see the impact of this, with premiums beginning to rise to counter the losses felt by insurers. However, my view is that we’re still at the beginning of this curve, making it an ideal time to buy Cyber & Data insurance.
Right now, premiums are incredibly competitively priced for the breadth of cover available – usually starting from a few hundred pounds. But this is sure to rise as businesses begin to kick-start their growth after the new year.
Claims are becoming more frequent
We’re experiencing a rise in the number of cyber and data incidents affecting our clients – a trend that’s echoed by the insurers we deal with. Every day, when we scroll through the news, there seems to be a different report showing yet another company suffering some horrendous cyber attack.
The headlines focus on large businesses. And if corporations with huge IT security budgets can be penetrated, why can’t your business? After all, with our new flexible and remote-working patterns, our digital footprint is increasing. These changes are almost certainly contributing to the increase in claim numbers.
As I’ve mentioned, employee error has long been regarded as the Achilles heel within a business’ digital armoury. It stands to reason that the less centralised the business, the greater their exposure to a rogue employee clicking on a link to an unsafe site, or downloading an unsafe file, leaving your organisation with harmful malware.
Likewise, cyber criminals change their tactics at an exponential rate. Defensive measures such as firewalls or antivirus software will always struggle to adapt to every single evolving threat. Random untargeted attacks continue to spread like wildfire, and change tactics constantly, making them increasingly harder to protect against.
It’s for this reason that getting your business set with the right recovery plan in place should include securing effective insurance protection.
Claims are increasing in severity
I’ve already outlined how insurers have seen a rise in the number of claim notifications they’re receiving. What I’ve not yet mentioned is how insurers are also seeing the costs of those claims rise.
Already, there seems to have been a marked inflation in the costs incurred in getting a business back up and running following an incident. A simple example is how ransomware attacks are not just rising, but their monetary demands are increasing too. Insurers now regularly see ransomware demands in the multiple thousands.
That’s because, with the likes of Tesco suffering a huge loss in public trust, hackers understand the heavy reputational impact of leaving data unguarded (or the cost of deleting important data). And they’ll inflate their prices knowing that you can’t afford a public scandal.
But this is just the beginning. Attacks will get more severe and claims will rise even further. We might start to see Cyber & Data insurance costing a small fortune as a result, and potentially outpricing SMEs. However, by carefully reviewing policies, you can cost-effectively ensure the protection of your key risks for many years to come.
We live and breathe insurance. And when it comes to Cyber & Data, we can place you with insurers that offer some of the most comprehensive policies on the market. We meticulously vet all the insurers we recommend, too, checking every new policy that’s released to ensure that our clients are covered.
What’s more, we partner with leading industry voices to help us keep tabs on the latest cyber trends. So, if you like the sound of our approach, get in touch with a member of the team today.
Uncategorized - December 7, 2020
Blog - November 23, 2020