Cyber crime is estimated to be costing Australian businesses around AUD $4.5 billion a year, with this figure expected to grow exponentially as more organisations start doing business online. And small businesses are just as much a target as large corporations, with cyber criminals attacking any site or server where sensitive information is stored and a weakness can be found.
So regardless of the size of your business, the bottom line is that at some stage you are going to experience a security breach, and if the experts are to be believed, it may already have occurred without your knowledge.\
What is cyber crime?
Cyber crime is a blanket term for any kind of criminal activity that involves the use of a computer or occurs online. This can include:
- Identity theft – Using someone’s personal details to create a new identity and fraudulently obtain credit, loans etc
- Viruses and malware – Distributing software designed to damage, disrupt or provide unauthorised access to computer systems
- Hacking – Unauthorised intrusion into a computer or network with the aim of stealing money or data or altering the system to accomplish some other goal
- Phishing scams – Sending out fraudulent emails purporting to be from reputable companies to induce individuals and employees to reveal sensitive personal information
- Extortion – Threatening individuals and businesses with an online attack or destruction of data unless a ransom is paid.
If you become the victim of a cyber crime, it can have devastating consequences for your business. These consequences can result in lost revenue from customers who no longer trust the security of your site or website hacks that require a large fee to fix, which can then lead to business insolvency or sending your company into administration.
One cyber attack can be enough to shut you down for good, which is why cyber insurance is becoming a necessity rather than a luxury for every business large and small.
How to insure against cyber crime
One form of cyber insurance is risk management, and there are a number of things a business can do to minimise the likelihood of a serious cyber attack occurring, including:
- Installing and maintaining reputable anti-virus programs, such as those from Norton and McAfee
- Backing up data regularly and securely, so that if the worst happens and your data is lost or corrupted, you will be able to get up and running again relatively quickly
- Installing and maintain reputable Firewall technology, which is now highly efficient in detecting and preventing system intrusions
- Using the latest data encryption on all incoming and outgoing data transfers
- Using strong passwords and authentication procedures
- Ensuring BYOD devices such as employee-owned laptops and mobiles are secure both on and off the premises
- Having strong online security policies, ensuring your employees are familiar with them and providing regular training in online security.
IT security experts Kiandra believe phishing is now the weapon of choice for cyber criminals, and their penetration testing campaigns have revealed that 45% of passwords used within an organisation are ‘high risk’.
This illustrates a shockingly high level of ignorance about cybercrime, and shows why awareness training is crucial for all businesses. For maximum risk management, an annual assessment of your systems by a security professional is also necessary.
Cyber liability insurance
The other way to insure against cyber crime is to take out actual insurance that covers your liability in the cyber realm. Cyber liability insurance provides first and third party protection from the risks associated with doing business online, including privacy issues, intellectual property infringement and virus and malware attacks.
Similar to normal business liability insurance, it can cover your sales losses due to business interruption. It can also cover;
- The cost of notifying customers of a security breach
- The cost of restoring or recreating electronic data following the breach
- Forensic services to investigate the breach
- PR if the breach harms your business reputation
- Assistance in guarding against further data breaches
- Funds to cover fines, court fees and settlements following a breach.
To date, only a very small percentage of Australian small businesses have cyber insurance (approx 15%), but with almost 20% now having experienced a cyber attack, this figure is expected to increase dramatically in the next year or so.
The extent to which your business is conducted online will determine the level of cover you will need. However, with the Internet now playing a part in the majority of transactions, it could be time to start looking more closely at your online footprint, and determining if cyber liability insurance is right for your business.