The Cost of CyberCrime and Insuring Against It

Cyber attacks can be expensive; the cost to reputation, legal actions against a company and the cost of rectifying outdated IT systems, add up quickly. The large scale cyber-attacks involving millions of compromised user accounts can cost the victim companies tens of millions of dollars.

The average SME is unlikely to have to foot such a bill, but research into the financial cost for an SME of CyberCrime still makes worrying reading. Research globally shows that attacks on SMEs are increasing, often because smaller businesses are unprepared and easier targets. Some research shows the average cost to the smallest of businesses is around €8,000 with small and medium size companies being landed with a bill of €35,000 or more.

Reputation will suffer and you may never win those customers back. There may be legal fees, cost of restitution and perhaps even Data Protection fall-out, and your operation may grind to a halt while you figure out exactly what’s happened. It seems unjust that the per-capita cost to small businesses is far greater than that to large companies dealing with CyberCrime; big businesses can trade their way out of security issues with resources and spending, whereas many small businesses would have to pull down the shutters..

If the worst happens and a small business is the victim of CyberCrime it’s important to react quickly. Locking down systems and if appropriate, contacting financial institutions; the Gardai and Data Protection Commissioner should be amongst the first items on a response plan. Then a business needs to compose a response to communicate to customers or suppliers whose data may have been compromised.

Help can often be found from industry bodies, communications companies and Chambers of Commerce and if you have a Cyber Insurance policy, your insurer should be contacted immediately.

Cyber insurance is growing increasingly popular with small businesses who want to protect themselves from the growing threat of CyberCrime. Your existing insurance broker may well offer Cyber Insurance from specialists like AIG and Hiscox and it’s no longer just large businesses who are insuring against the risks of being online.

Stephen Ridley, Hiscox UK and Ireland’s cyber and data risks expert says, “We have seen both the number of enquiries received and policies purchased increase radically over the last 18 months, with that increase accelerating, especially over the last six months. We are now seeing over three times the number of enquiries that we were at this stage last year.”

While large and multi-national businesses seem most focused on keeping customer data safe and secure, Ridley explains what Hiscox see as the greatest risk to SMEs, “The area of cover that most frequently gives rise to claims is Cyber Extortion. Typically this will be via ransomware, but we have also seen an increase in companies being contacted by alleged hackers threatening to either publish information gathered from a hack, or perform a denial of service attack against the business unless a ransom is paid.”

It’s difficult for insurers to define what a typical claim is, and Hiscox say the volume of data held, the size and complexity of the company’s network and even how prepared a business is for a breach all make a difference.

With so much at stake though, and with so many factors to be considered I suggested to Stephen Ridley that it mightn’t be financially viable for a small business to take out Cyber Insurance, but he suggests insuring against the risk is more accessible than one might think, “When building our product, we wanted to make sure that pricing wasn’t a significant barrier to small businesses getting the protection that they need. As a result, we are able to offer cover from €145 plus levy for the smallest companies – a small price to pay for high quality coverage that provides robust protection”.

Like all insurance, we hope we’ll never need it but in a business world where the risks of being online are growing and the cost of CyberCrime could be catastrophic for a small business, being safe, rather than financially sorry, make good business sense.

Related Posts
Read More

FBI issue ISIS WordPress Plug-In warning

The FBI today, issued a warning to WordPress users about their Content Management Systems (CMS), as they could be at risk from ISIS supporters intent on making public statements by defacing websites using one of the world's most popular publishing platforms. Continuous Web site defacements are being perpetrated by individuals sympathetic to the Islamic State in the Levant (ISIL) a.k.a. Islamic State of Iraq and al-Shams (ISIS).
Read More

CyberCrime & The Internet of Things

Connected devices will bring efficiencies and automation to our lives, but as we connect more and more devices, we are creating the opportunity for data to leak out, and nefarious hackers, to creep in.
Read More

CyberCrime: How Businesses Are Under Threat

From Ransomware and Virus infection to the theft of your banking or customer data, who is trying to hack you and why? And if you know the who and why, you’ll be better prepared to stop them.