October 22, 2020
Fortune 500 companies are not the only ones at risk of cyber attacks.
A small company in Kentucky with just eight PCs recently paid $150,000 (down from the initial $400,000 demand) to gain back control of its own systems and resume business as usual. Despite the company’s up-to-date systems, all it took was one fatal click of an email containing ransomware to come under attack.
Cyber insurance for small businesses is just as important as it is for larger, global corporations. The important details are in the types of coverage, the industry-specific risk, and the security measures your business has in place to prevent a cyber attack.
This article is part of a larger series about cyber insurance:
Preventative Efforts for Small Business Cyber Security
Cyber security attack prevention for small businesses isn’t much different than it is for larger organizations. The right plans take into account common attack methods, regularly update software and operating systems, and back up data.
Employee Training In 2019, Verizon found that 94% of all malware was delivered via email. Training employees on how to detect and avoid malicious emails is one of the best ways to increase cyber security for small businesses.
Software Updates Keep your software and operating systems up-to-date to patch known vulnerabilities that crime actors can exploit and use to gain access to your network or devices. This is especially important for a small business with a limited number of devices, smaller number of employees, and likely fewer networks and other systems.
Data Back-ups A plan to back-up data regularly is one of the most critical steps in preventing a cyber security attack. In the case of a ransomware attack it can offer leverage against a ransom.
Other preventative steps recommended by the National Institute of Standards and Technology include limiting employee access to private data and taking advantage of web and email filters.
Cyber Insurance for Small Business
While many of the risks may be the same, as a small business you likely don’t have the same resources to respond to them. Make sure you choose a cyber insurance partner who can help you fill in the gaps.
What to look for in a cyber insurance policy for your small business:
Security Experts Some insurance policies offer access to cyber security experts to answer cyber-specific questions. This is especially helpful if you don’t have an in-house team and need professional advice.
Risk Reports and Monitoring If you don’t have a cyber security expert on your team, you likely aren’t keeping up-to-date on the changing cyber landscape. New vulnerabilities often arise and it’s important to know what new changes you need to make internally to keep your small business safe. Look for a cyber insurance partner that includes risk reports and monitoring in your cyber insurance policy. You can take actionable steps, outlined by cyber security professionals, to keep your business secure.
Fast Breach Response and Remediation Even if you have a cyber security team in house, your cyber insurance partner should offer assistance in the case of a cyber security event. You want a partner that will respond quickly and help you remediate any issue. From ransomware attacks to a data breach, it’s important that you have the right experts available to help you triage a cyber security event.
After assessing your risk, you’ll know the vulnerabilities for your small business. From there, you can read up on the specific policies of cyber insurance options and choose the coverage that best suits the needs of your business.
Written by: [Patrick Browns]