With the Covid-19 pandemic and rise of many organizations and businesses changing to remote workforce models, more people are relying on the internet for data and communication. If there was a cyber attack these organizations and businesses could be faced with huge monetary losses or even closing. If your organization or business were face with a cyber-attack such as a data breach, malicious attack, ransomware or other cyber security threats how would you recover? Does your business have cyber security resources or security professionals? What kinds of cyber security risks are out there and how would it affect your business and employees?
According to Insurance Information Institute there are 5 cyber liability risks businesses face:
1. Liability: Your business is responsible to pay for costs that incurred by customers and other third parties because of a cyber-attack or other IT-related incident.
2. System recovery: The costs of repairing or replacing computer systems. These costs associated in system recovery can be expensive and your business may not be able to operate while it is down, resulting in more losses.
3. Notification expenses: In several states, you are required to notify customers if a data breach has occurred or even if it is suspected (Applies to you, if your business stores customer data). If you have many clients, this cost also become expensive.
4. Regulatory fines: Many federal and state regulations require businesses to protect consumer data. If a data breach occurs from your business’s failure to meet compliance requirements, you may incur hefty fines.
5. Class action lawsuits: Large-scale breaches have led to class action lawsuits filed on behalf of customers whose data and privacy were compromised.
Here are some types of Coverages offered in a cyber liability insurance policy:
- Loss or corruption of data
- Business interruption
- Multiple types of liability
- Identity theft
- Cyber extortion
- Reputation recovery
Most importantly, there are several steps organizations/ businesses can take to protect themselves from cyber liability risk and attacks. Below are three great steps from SECURA Insurance to protect your business against a cyber-attack:
1. Understand your systems and the information being gathered: First, make sure your business has a plan to protect against cyber-attacks. Know what information systems you are using and what kind of data it collects through these systems. (Examples: Collecting IP addresses, email address, passwords, etc.)
2. Control the physical things: There are some physical things you can control to protect your business against a cyber-attack. Install a firewall on your computers/laptops. Make sure the firewall is configured correctly for it to effectively work. Also, secure your Wi-Fi networks with strong passwords. If you have a guest Wi-Fi network, consider setting up a separate router and password. Lastly, control access to your computers and data. Set up user profiles so only authorized users have access to your systems and data. Create rules to make sure strong passwords are set for users.
3. Educate your employees: Training employees can help significantly when it comes to preventing cyber-attacks. Help employees to understand company policies and procedures when it comes to cyber-attacks by having a training course, webinar, security tip reminders, and regularly updating employees about the current threats such as phishing attempts.
Sources:
https://www.iii.org/article/cyber-liability-risks
https://www.iii.org/press-release/stand-alone-cyber-insurance-can-save-unprepared-small-businesses-survey-finds-101818
http://www.rmmagazine.com/2020/12/01/risks-to-watch-in-2021/