As technology advances, the risks businesses face increase.
“Cybercrime is one of the biggest threats facing businesses of all sizes and in all sectors today,” says Lee Rogers, CEO of Acera Insurance.
In 2021, cyber incidents were nearly twice as likely to impact businesses as natural disasters and theft total. (Source: Alliance)
The threat of cybercrime continues as cybercriminals change their tactics and goals as awareness of cyber risks evolves among business owners.
Cybercriminals often use social engineering techniques, such as phishing, to gain access to systems or facilitate fraudulent money transfers. They also use emerging and mature technologies, such as ChatGPT as a tool to create malware or commit fraud (Source: Insurance News – “AI Technologies That Are Reshaping the Cyber Threat Landscape.”)
Other venues for criminals are provided by access via the Internet of Things (i.e. smart things such as security systems that connect to the Internet and exchange data) and operational technology.
How much does cybercrime cost companies?
The financial difficulties a company faces after falling victim to a cyberattack are much higher than just the ransom or fraudulent money transfer amount. Additional losses and expenses that can result from a cyber breach include:
- Business interruption
- Digital asset recovery
- Forensic investigation
- Lawsuits
- Fines and regulatory penalties
- Identity fraud notification and monitoring costs
- Permanently replace devices affected by malware
- Reputation repair and crisis management
A comprehensive cyber liability policy can help businesses cover such losses. Waiting to obtain this coverage until after a cyber breach will not only hinder a company’s ability to respond to the incident, but may make obtaining cyber liability insurance in the future more difficult.
Did you know? The average cost of business interruption after a cyberattack is 24 times greater than the average ransom amount. (Source: Canadian Brokerage Network Cybercrime report)
Cybercrime risk management
Companies can no longer look at cyber liability insurance as a nice-to-have; It’s a necessity.
“Cyber liability insurance is just as important as other traditional business coverages,” says David Edgar, managing director of underwriting, captives and alternative risk solutions at Acera Insurance.
Although cybercrime is escalating at an alarming rate, most organizations’ cybersecurity budgets have remained fairly constant (Source: Cybercrime Magazine), with companies still prioritizing bricks and mortar over information assets and data (Source: IBC/Cyber Risk Management).
To truly protect themselves, companies must prioritize allocating more of their budget to cybersecurity. This includes investing in cyber liability insurance and cyber hygiene best practices.
Why businesses need cyber liability insurance
Insurers have adjusted cyber insurance rates in response to changes in the frequency and severity of claims. This coverage provides an important safety net from the costs of a cyber attack.
For example, according to the Cyber Insurance Company’s 2023 Cyber Claims Report:
- The average ransom demand in 2022 was $1 million.
- The average amount stolen via fraudulent money transfer in 2022 was more than $212,000.
Keep in mind that these numbers do not take into account additional costs that arise from a cyber attack – such as business interruption, which some estimates suggest will increase by up to 75% year over year as cyber attacks become more sophisticated. (Source: Canadian Brokerage Network Cybercrime report)
Cyber hygiene best practices
Risk management and mitigation should always be a company’s first line of defense against any risk. In the cyber world, this means practicing good cyber hygiene – the security infrastructure, operations, routine maintenance and patching that enhance digital security.
Common best practices include, but are not limited to:
- Using multi-factor authentication;
- Close all unnecessary remote desktop protocols;
- Use endpoint detection and response (EDR) software, which continuously monitors an organization’s endpoints, looks for malicious activity and protects them from security breaches.
- Conduct regular training for employees;
- use of email filtering software;
- Protect and store data backups properly; and
- Having a business continuity plan to mitigate the impact of a cyber attack
Not only does good cyber hygiene make a noticeable difference in reducing an organization’s cyber risks, it also improves the odds of obtaining cyber liability coverage at a more favorable rate.
need to Cyber Liability Insurance Quote?
Get started online or contact an Acera Insurance broker today to discuss how cyber liability insurance can protect your business.