Cyber Security for Prevention and Cyber Insurance for Recovery

Have you heard of the cyber insurance trend, and do you know why you need it? For small to midsize businesses, cyber insurance could possibly mean the difference between failing completely or getting back up after a successful ransomware attack. Cyber insurance doesn’t cover everything lost from a cyber attack, but it does give a nice cushion to land on so that businesses don’t have to rely only on their own resources to make a comeback. 

So what does cyber insurance cover? For SMBs, cyber insurance often covers up to 1 million dollars in damages. That coverage includes profit losses, including reputation damage or halted operations. It covers liability, including contract penalties and media fines. It also covers lawsuits, including class-action and regulatory investigations. 

What cyber insurance does not cover are things like physical property, such as replacement of damaged or “bricked” devices. It doesn’t cover future loss of profits, ie. long term losses after a cyber attack. It also does not cover intellectual property, such as loss of company value or leaked data. In 2020, some cyber insurances also stopped covering ransoms as these demands grew too expensive for insurance companies to bear. They instead began limiting coverage to other damages, as mentioned above. However, even though it doesn’t cover 100%, it still may be the gap-fill that SMBs need. 

By 2028, spending on cyber services will grow to 193 billion with SMBs putting 5-20% of their IT budget into preventing attacks since cyber attacks are rising dramatically. The pandemic of 2020 sent 70% of the American workforce to their home offices and other remote locations. Unfortunately, personal devices and home networks opened up a whole new realm of attack for cyber criminals. Remote employees are not under the umbrellas of company security measures and IT departments are unable to see the security holes in each employee’s personal devices and home networks. 

All of this means that the cost of damages due to ransomware attacks grew to $170 billion last year, compared to $24 million just 5 years ago. Sadly, this can be hardest on SMBs. In the past year, 66% of SMBs have experienced a cyber attack and 45% of them do not believe that their current security measures would be effective against a ransomware attack. Worse yet, 60% of those who experience a successful ransomware attack will go out of business within 6 months after that breach. 

This is why cyber insurance is important. It can’t cover everything that cyber attacks damage, but it can be enough for businesses to stay afloat even after a breach. Good security measures combined with cyber insurance may be the best way to protect your SMB.