31 Aug Can Your Business Survive a Cyber Attack?
By Les Tingley, MEd, EpiCenter’s Director of Partnerships and Supporting Technologies
In the News
- Cybercrime damage costs to hit $6 trillion annually by 2021.
- Global ransomware damage costs predicted to exceed $5 billion in 2017.
- In Q3 2016 alone, 18 million new malware samples were captured.
- More than 4,000 ransomware attacks have occurred every day since the beginning of 2016.
- Cybercrime has become an attractive source of revenue for hackers, organized criminal gangs, and nation states. There’s evidence that North Korea alone has managed to steal $94 million from banks in Vietnam, Poland, Ecuador, and Bangladesh.
- Symantec Corporation calls USA an “easy mark” as 64% of Americans have caved in to digital extortion.
- Even after taking appropriate steps to combat cybercrime, the biggest security risk for companies may come from its own employees. 78% of people claim to be aware of the risks of unknown links in emails, and yet they click anyway.
You would be hard pressed today to read or watch the news and not hear events related to cybercrime. So much so that many people have turned a deaf ear to these stories. Businesses, however, cannot afford to take this subject lightly.
It’s unfortunate that most of the reports of cybercrime are a result of attacks on very large companies, as these businesses tend to be more newsworthy. That doesn’t paint the full picture, however. Symantec reports that 43% of phishing attacks were on small businesses, and 60% closed within six months of a breach, resulting in an average cost of $217 per stolen record. Digital crimes are no longer targeted at only the biggest of companies.
While many companies have taken steps to tighten data security, many haven’t considered the need to protect the business in the event of a breach. Some of these costs include law enforcement investigation, business losses, cost to notify those impacted, lawsuits, business down-time, and extortion payments. One form of business protection is cyber insurance.
When discussing cyber insurance with EpiCenter’s insurance broker, it became very clear that this is not a simple subject, nor is there a one-size-fits-all plan to purchase. With a plethora of available types of coverages and options, insurance of this type takes a considerable amount of research and planning.
Every business assumes a certain level of risk, but my recommendation would be that every company should, at least, talk to their insurance provider about cyber insurance. Typically, there’s no charge to discuss the options, but most import is to discuss those things that are critical to the company. Loss of business, for example, may not even fall under the heading of cyber insurance, but lack of coverage for such after an attack may be the difference between staying in business or not.