Last year, the average number of cyberattacks and data breaches increased by 15.1% from the previous year – and this number has continued to grow. Additionally, threat actors are becoming more advanced in their cyberattacks. Business owners may think that cyber threats are targeted towards enterprises or corporations exclusively, but unfortunately, this isn’t true. In fact, more than 40% of small businesses have already experienced a cybersecurity breach, according to a recent survey from Intuit QuickBooks. The information that a small business has like customer data, payment information and more, is valuable to threat actors – making them an attractive target for cyber criminals.
The risk for small businesses is great: attacks like phishing and ransomware can be costly, locking files until a steep price is paid. Notably, there was a 40% increase in ransomware attacks on small businesses this year, which involves cyber criminals using malware to take over and encrypt a victim’s files and data and holding the data hostage until they’re paid to release it. Furthermore, cyberattacks can cause irreparable reputation damage if they become public information, again impacting a business’s bottom line.
While tightening security protocols to guard against an attack in the first place, it is recommended that small to midsize businesses also invest in cyber insurance to protect themselves. This is particularly critical since most cyberattacks aren’t covered by general liability insurance, leaving businesses in an extremely difficult position should they encounter a breach. Here are three more reasons business owners should consider cyber insurance.
Increased complexity of threat actors
The most common attacks experienced by SMBs include malware, viruses, ransomware and phishing – according to the SBA. With advancements in technology, threat actors are becoming more sophisticated in their attacks. As mentioned, many small businesses typically think that they won’t be a victim of cyberattacks, but 58% of cyber losses targeted SMBs in 2020 and 80% of victims are attacked a second time, according to the cybersecurity firm Cybereason, so small businesses shouldn’t feel immune to cyberattacks. As these threats become increasingly complex, owners need to be more vigilant than ever. Attacks that may have previously not been a concern for a small business owner should now be top-of-mind. Ultimately, as threat actors become more complex, the likelihood of an attack is increasing and it’s important to be prepared.
Cyberattack impacts can be devastating for SMBs
Unfortunately, small businesses have a lot to lose if they suffer a cyberattack. Where larger businesses typically have more resources to help them bounce back, a cyberattack on a small business can have lasting effects. According to the National Cyber Security Alliance, an estimated 60% of small businesses will fail within six months of an attack. Furthermore, the Better Business Bureau (BBB) reported that the annual average loss from cyberattacks is estimated at more than $79K for an SMB. Whether data is lost or a ransom is demanded, this can be incredibly damaging to a small business, making cyber insurance a vital service to have. Securing cyber insurance before an attack happens can help mitigate its effects.
Insurance plays a role in protecting against attacks
Cyber insurance has many retroactive benefits following an attack, which can make a significant impact on a SMBs bottom line. Some cyber insurance does offer proactive measures, including defending against privacy, security, and operational risks – so it is important to seek an option with this in mind. Should an attack happen, it also helps cover legal fees and expenses. Additionally, cyber insurance can provide many other means of protection, including tasks such as IT forensics, negotiation and payment of a ransomware demand, recovering compromised data and notifying customers of a data breach. Beyond this, cyber insurance can offer public relations expertise, credit monitoring and identity restoration, and aid losses that arise from security failures and system failures.
As technology continues to evolve, the risk for cyberattacks becomes more extensive and complex. It is therefore crucial for business owners to secure the strongest and most protective cyber insurance plans. Small business owners in particular shouldn’t feel that they are immune to attacks due to their size, because cyberattacks can happen to any business, and have been increasingly targeting small businesses. Once secured, business owners should also regularly check in to confirm that their insurance plans are up-to-date and cover all potential cyberattacks, especially as the threat landscape evolves.
Parth Shukla is the Group Manager of Intuit QuickBooks Insurance.