If you’re a modern business, it’s likely that social media and e-commerce are important parts of how you reach out to new customers and do business every day. However, the very methods that you use to conduct business can leave you open to cyber attacks.
Whether you have hobby hackers or career criminals attempting to gain entry into your business, the losses that you experience can be anything from moderate to severe. To manage the risk wisely, you need to decide what to do with it. Either accept it, find ways to control it or transfer it. For most businesses, transferring risk through the use of cyber insurance policies can be the most sensible way to go.
Another sensible option is to have regular maintenance on your WordPress site so its updated and protected against any found vulnerabilities.
How does cyber insurance work?
When you buy a cyber insurance policy for your business, you don’t mitigate the risk of a cyber attack. Instead, you address the costs involved in recovering from an attack.
Cyber insurance has been gaining in popularity since at least 2005. About one in three businesses today invest in some form of cyber insurance. When you have cyber insurance and are subject to an attack, your insurance policy can pay for the following:
- An analysis: When your business suffers an attack, you need to call in a forensics investigator to find out how the attack occurred, what you can do to prevent it from occurring again, and how to repair the damage that’s been done. You may need to work with a security firm, as well as with law enforcement.
- Losses to your business: Cyber insurance policies usually cover the same kinds of losses as errors and omissions policies. You also receive coverage for losses arising out of network downtime, disruption to your business, damage to your reputation, and the costs of crisis management and data recovery.
- Legal expenses and losses arising out of extortion attempts: Whether you are sued by your clients for a data breach, or face extortion attempts from criminals using ransomware, your insurance can cover for it.
It’s important to understand that cyber insurance is a field that is still in evolution. Businesses, with a view to protecting their reputations, tend to not be very open with information related to breaches, GDPR does however, now give legislation on the timescale a breach should be reported by. But for this reason, insurers tend to have limited information on the full effects of such attacks. The full scale of the risk associated with cyber-attacks is yet to be fully understood.
If you have found your WordPress site has been compromised give me a call now on 01902 213950 or have a look at my emergency support service.
How do you find the right cyber insurance provider for your needs?
More insurance companies offer cyber insurance each passing year. If you’re in the market for such insurance, there are a few things that you should look for:
- Pay attention to the deductibles mentioned.
- Find out if you get coverage for both first- and third-party claims.
- Find out if the policy covers you only for attacks specifically targeted at you, or if it covers you for every kind of attack.
- Are you covered in the event of a breach caused by the unintentional actions of an employee?
- Are you covered against social engineering attacks?
What do insurance companies look for when they sign on a new business?
Before an insurance company will insure a business, they usually expect to see that the business has some kind of employee education program in place. Employees should be familiar with ways to avoid social engineering attacks and phishing attacks. Insurance companies also look to see if businesses subscribe to threat intelligence services that offer warnings about impending attacks.
Many insurance companies perform an audit on businesses that apply for insurance. If an audit shows them that a business is inadequately prepared, they are often only willing to offer a low level of coverage.
Should your business invest in cyber insurance?
Many small business owners believe that they aren’t at risk of cyber-attacks. The way they see it, these attacks are mainly aimed at large corporations. Research, however, reveals that close to half of all cyber-attacks are specifically targeted at small businesses. These attackers prefer small businesses simply because they tend to be inadequately protected and to be easy to break into.
An attack, should it occur, can cripple a small business. Investing in regular website maintenance and cyber insurance makes a lot of sense.
If you wanting to find out more about Cyber Insurance, I can highly recommend contacting Ian: