As technology advances, so do the risks that businesses face.
“Cybercrime is one of the greatest threats that businesses of all sizes and in all sectors face today,” says Lee Rogers, Chief Executive Officer, Acera Insurance.
In 2021, cyber incidents were nearly twice as likely to impact businesses as natural disasters and theft combined. (Source: Allianz)
The threat of cybercrime continues with cybercriminals shifting tactics and targets as cyber risk awareness develops among business owners.
Cybercriminals often utilize social engineering techniques, such as phishing, to gain access to systems or facilitate a fraudulent funds transfer. They also utilize emerging and maturing technologies, such as ChatGPT as a tool to create malware or perpetrate fraud (Source: Insurance News — “AI technologies reshaping cyber threat landscape.”)
Further venues for criminals are provided by access through the internet of things (i.e., smart objects like security systems that connect and exchange data with the internet) and operational technology.
How much does cybercrime costs businesses?
The financial hardship a business faces after falling victim to a cyberattack is much higher than just the ransom or fraudulent fund transfer amount. Additional losses and expenses that can result from a cyber breach include:
- Business interruption
- Digital assets restoration
- Forensic investigation
- Lawsuits
- Regulatory fines and penalties
- Notification costs and identity fraud monitoring
- Replacing devices permanently impacted by malware
- Reputational repair and crisis management
A comprehensive cyber liability policy can help businesses cover such losses. Waiting to obtain this coverage until after experiencing a cyber breach will not only hinder a company’s ability to respond to the incident, it may also make getting cyber liability insurance in the future more prohibitive.
Did you know? The average business interruption cost following a cyberattack is 24 times greater than the average ransom amount. (Source: Canadian Broker Network Cyber Crime Report)
Cyber crime risk management
Businesses can no longer afford to view cyber liability insurance as a nice-to-have; it is a necessity.
“Cyber liability insurance is just as critical as other traditional commercial coverages,” says David Edgar, Managing Director, Underwriting, Captives & Alternative Risk Solutions, Acera Insurance.
Even though cybercrime has been escalating at an alarming rate, most organizations’ cybersecurity budgets have remained fairly flat (Source: Cybercrime Magazine), as businesses still prioritize bricks and mortar over informational assets and data (Source: IBC/Cyber risk management).
To truly protect themselves, businesses must prioritize allocating more of their budget to cybersecurity. This includes investing in cyber liability insurance and cyber hygiene best practices.
Why businesses need cyber liability insurance
Insurers have adjusted cyber insurance rates in response to the changes in frequency and severity of claims. This coverage provides a critical safety net from the costs of a cyberattack.
For example, according to cyber insurer Coalition’s 2023 Cyber Claims Report:
- The average ransom demand in 2022 was $1 million.
- The average amount stolen via fraudulent fund transfer in 2022 was over $212,000.
Bear in mind, these figures do not factor in additional costs that arise from a cyberattack — such as business interruption, which some estimates state will increase by as much as 75% year-over-year as cyberattacks become even more complex. (Source: Canadian Broker Network Cyber Crime Report)
Cyber hygiene best practices
Risk management and mitigation should always be a business’ first line of defence against any risk. In the cyber realm, this means practicing good cyber hygiene — the security infrastructure, processes, and routine maintenance and patching that strengthen digital security.
Common best practices include, but are not limited to:
- using multi-factor authentication;
- closing all unnecessary remote desktop protocols;
- using endpoint detection and response (EDR) software, which continuously monitors an organization’s endpoints, looking for malicious activities and protecting it from security breaches.
- regularly conducting employee training;
- using email filtering software;
- properly protecting and storing data backups; and
- having a business continuity plan to mitigate the impact of a cyberattack
Good cyber hygiene not only makes a notable difference in minimizing an organization’s cyber risk, but it also improves the odds of obtaining cyber liability coverage at a more favorable rate.
Need a cyber liability insurance quote?
Get started online or contact an Acera Insurance broker today to discuss how cyber liability insurance can protect your business.