Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

Small Businesses Must Step Up Cyber Security Measures, Insurance Program


Small Businesses Must Step Up Cyber Security Measures, Insurance ProgramStudy Reveals Disconnect Over Cyber Risks Among Small Firms

Small businesses are the backbone of the U.S. economy, with one out of two Americans employed by a small company, according to the U.S. Small Business Administration. Yet small businesses are not doing all they can to protect their firms from the increasing risk of cyber exposures. In fact, a 2012 study by the National Cybersecurity Alliance reveals a real disconnect among small businesses when it comes to cyber security and the safety measures they employ. Seventy-seven percent (77%) say their company is safe from cyber threats such as hackers, viruses, malware or a data security breach. Sixty-six percent (66%) say they are not concerned about external threats (like a hacker or cyber criminal stealing data) or an internal threat, such as an employee, former employee or contractor/consultant stealing data. Moreover, 47% believe a data breach incident would have no impact on their business and it would be treated as an isolated incident.

The reality, however, is that the cost of a data breach can devastate a small business. According to the Ponemon Institute, data breaches cost U.S. companies $5.4 million per breach on average. That amounts to $188 per stolen record. This doesn’t take into account the potential liability issues for the target or the incalculable damage a data breach can cause on a business’ reputation. Business disruption alone can cost more than $937,000 per breach, the Ponemon Institute estimates. These types of expenses would damage most small business operations.  In fact, 60% of small businesses close their doors within six months of a data breach, according to 2012 research by Symantec. Furthermore, the research cites that at the end of 2011, 18% of cyber attacks were aimed at small companies; today this has increased to 36%.

But most small businesses have a long way to go to improve their online security practices. Take a look at the Symantec findings:

  • Nearly 9 in 10 small businesses do not have a formal written Internet security policy for employees
  • 69% do not have a contingency plan outlining procedures for responding and reporting data breach losses
  • 75% do not have policies for employee social media use on the job
  • 60% do not have a privacy policy for employees to comply with when they handle customer or employee information

These finding indicate unequivocally that small businesses must strengthen their online security measures to keep up with today’s fast-moving, ever-evolving threats. This includes conducting regular risk assessments to reveal hardware, software and individual site vulnerabilities; creating a written IT security policy that identifies critical assets and defines policies for physical security, account management, and backup and recovery among other areas; and leveraging firewalls, virtual private networks, anti-virus and anti-spam software and secure mobile solutions to secure network access and mobile devices.

In addition to mitigating their risk, small firms also need to safeguard their assets in the event of a loss with Cyber Liability insurance. Cyber Liability insurance coverage is designed to protect businesses against liability and expenses arising from the theft or loss of data, as well as liability and expenses arising from a breach of data security or privacy. Policies can be designed to cover: denial of service attacks or inability to access websites or systems; unauthorized access to, use of, or tampering with data; disclosure of confidential data (invasion of privacy); loss of data or digital assets (malicious or accidental); introduction of malicious code or viruses; cyber extortion or terrorism threats; regulatory action, notification, or defense expenses; crisis management and public relations expenses; data or system restoration and business interruption expenses.

Axis Insurance Services specializes in providing companies with Cyber or Privacy/Network Security Liability policy. We can tailor and secure a policy customized to the industry segment a firm serves. For more information about our products, please call us at (877) 787-5258.

Sources: National Cybersecurity Alliance, Ponemon, Symantec, Forbes

Comments

comments

Blogged on: June 4, 2014 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions