Harvard Business Review states “Cybercrime alone costs nations more than $1 trillion globally which is far more than the record $300 billion of damage due to natural disasters in 2017.” Harvard Business Review further reported that cyberattacks are the major threats facing business today. They list cyberattacks ahead of asset bubbles, terrorism, and other risks.
You may think your company is immune from a cyberattack, but you’re not. In a July 2018 report from the Ponemon Institute LLC, sponsored by IBM, it is reported that the average global probability of a cyber breach in the next 24 months is at 27.9 percent.
Any business can fall victim to a cyberattack. In a 2018 Data Breach Investigations Report, published by Verizon, stated that about 58 percent of cyber breaches caused hardships to small and large businesses. The financial and insurance industry had approximately 598 attacks in 2018 and 146 of those attacks caused breaches to confidential data for millions of dollars and lost trust from clients.
You can reduce your cyber risk by discussing your business with the proper insurance manager. Consider with your good insurance risk manager in Utah policies that provide coverage against cyberattacks. Research policies to find the best limits to cover post-breach response expenses and include legal fees, client notification costs, and reputational repair costs
A good insurance risk manager in Utah can try to reduce cyberattack costs in several ways.
- Insure against cyberattacks. Discuss options with the proper insurance manager and find a policy that provides coverage against cyberattacks and gives limits to cover the post-breach expenses.
- Train your employees to be proactive. In 2018, about 28 percent of last year’s cyberattacks involved internal factors. Employees need to be trained on how to prevent international cyberattacks and learn how to identify the many everyday things used to spy on your business.
- Implement best practices that include updating software, using complex passwords and changing them monthly, use data encryption, and secure your Wi-Fi network. You can find tips on how to secure your WIFI network in the U.S. Department of Homeland Security’s Ready.gov website.
- Keep a check on email inboxes. Discuss email protocol with employees. Talk to employees about opening attachments containing malware. A manager should send out notices that if an employee receives an email and the sender is unfamiliar, don’t open any attachments.
Unfortunately, most cyberattacks come from phishing and pretexting schemes. Learn from a proper insurance manager when you purchase our policy how to distinguish phony emails from “good” ones.
Today’s work is an automated, technical, and electronic world. Everything has an IP address, and these are usually easy to find. Devices like smart refrigerators, cell phones, and even light bulbs have information embedded in them that could shut down your company.
Every business should have an incident lead who knows how to identify a cyberattack among the staff. The incident lead can train the team and help distribute communications to show everyone how to identify a cyberattack. Let employees know they should report anything suspicious immediately.
- Once an attack happens, the lead must know how to identify the attack, determine how severe it is, learn what information was compromised, compile an insurance report, and notify law enforcement.
- Compromised accounts should be disabled for the time, and a compilation of all IP addresses should be generated. All users must change passwords immediately. The proper insurance manager needs to be contacted.
- Have a plan and understand what data needs to be protected. A recent article by the technology company, Ciena, listed three methods that should be applied to information to determine if it is necessary to protect. These are confidentiality, integrity, and availability.
Keep your plan teachable. “Don’t make it so difficult to get through your computer that staff can’t get to the documents they need.” Not all information is of equal importance. For example, a patient’s record in a medical office is much more critical and should be protected than a brochure on the latest remedies. Being aware of what needs encryption could save your business money.
- Test your cyberattack mitigation plan often. When there is a beach, your lead will quickly know what actions are most important and who needs to be informed.
- You can afford cyber insurance by discussing our needs with a good insurance risk manager in Utah and by determining what records need to be secured.
Once your company purchases a cyber breach insurance policy, again, you must test the plan, or your team won’t know or understand what to do.
- A good risk manager in Utah uses data breach cost calculators to help small business estimate cots of recovery from a cyberattack. Cyberattacks are relatively new, and clients need listings of the areas of exposure that could hurt their company if a breach occurs. Costs are associated with every step of the process of recovery, and the cost of each step needs to be analyzed.
The proper insurance manager llists four categories of information that a cyberattack could expose and cause harm. These are:
- Personal identification information like mother’s maiden name, birth date, or Social Security number.
- Health care information. All medical data must be protected according to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Reports state that data is sold on the dark web at six times the cost of personally identifiable information. Hackers can create credit cards using protected health information. It’s much easier to uncover a person’s insurance information with a PII.
- Payment card industry. Criminals try to get information to sell on the dark web by stealing your client’s credit card numbers. These numbers can be sold immediately before the credit card holder can cancel the card.
- Hackers can get secure data from a network and blackmail the company. Most companies will gladly pay the ransom rather than suffer the reputation loss of letting the world know they were hacked.
In today’s electronic world, cyberattack insurance is new and necessary protection for your business. Contact a good insurance risk manager in Utah to get the policy that will protect your company and clients.