No Business Too Small to Face Cyber Attack Risk
Your small business owner and manager clients might not consider themselves prime targets for cyber attacks.
They may assume big companies have more information to steal and more profits to siphon off, so they’re targeted most often by criminals online. In reality, the opposite is often true.
Everyone can be a cybercrime target – even SMEs – and the onus is on SME owners to stand up to the cybercrime epidemic, spread awareness and do their part to prevent incidents. That process begins with simply admitting the problem exists.
If one of your SME clients is hit by cybercriminals, it can be costly.
Research has shown 60% of hacked SMEs are out of business in six months. That’s no surprise, given how devastating attacks can be, and illustrates the need for business leaders to be open and honest about the dangers.
Help your clients protect their data
You can provide sound risk management advice to your SME clients to help them prevent cyber attacks by taking basic steps for better cyber security. Ask them the following:
• Are all software licenses up to date and antivirus updates enabled? Outdated software can expose businesses to potential attacks and trigger loss of clients’ personal information, leading to brand damage and rectification costs.
• Do they regularly review information stored internally? If old files are saved on local machines, ensure sensitive information, such as payment processing data or confidential trade secrets, is secure.
• Advise SMEs to plan ahead. No one likes to think about a cyber attack hitting their business but, if and when it does, they need to be ready. SMEs need to know how to sustain operations even if data access is disrupted and act quickly to prevent distressed customers or lost revenue after an attack.
• Do they involve all the workforce? No business leader can prevent cybercrime incidents alone. It’s a team effort. If someone is left out of the cyber security planning process, that weak link might leave the organisation vulnerable. SMEs’ employees are the last line of defence. The most successful companies at preventing cyber losses lead from the top and educate their employees.
Find the insurance coverage they need
Even if your clients are highly vigilant about preventing intrusions, they still happen. The best way to keep your clients safe is to buy insurance to provide an extra layer of financial protection.
A cyber insurance policy is part of every successful business’s risk management framework. Cyber insurance is not the first line of defence; it is designed to protect a business when its IT security, policies and procedures fail to stop an attack.
Protection becomes more important as Australia introduces the new notifiable data breaches scheme, which starts on 22 February 2018.
Gerry Power, National Head of Sales at Emergence Insurance, says cyber insurance is designed to support businesses by providing an incident response team to help clients who suffer cyber events.
Emergence’s Cyber Event Protection package give businesses financial support and incident response expertise to recover from adverse events, including ransomware attacks, point-of-sale intrusions, denial-of-service attacks and cyber espionage.
written by Troy Filipivic, Managing Director Emergence Insurance; Cyber Insurer Australia Specialist