Why your business needs cybercrime insurance right now - Blog

By Staebler Insurance On Nov 8, 2017

It wasn't long ago that the idea of "cyber crime” would have been a punchline on a late night talk show, or a plot point in The Matrix, but if the past year of high profile hacks and cyberattacks have taught us anything, it's that the world has changed.

From monolithic corporations like Sony, to random Facebook users posting updates about their day, it seems nobody is safe from the slimy tendrils of cybercrime anymore. Unfortunately, that includes your business. If you collect any kind of customer data such as credit card numbers or personal details, or work with any kind of information that could be considered sensitive or confidential, you have a target painted on your back.

Cybercrime insurance is an investment in your business' future that you need to make right now.

Your data is one of your most important assets

No business owner would ever leave the till to the cash register open. No manager would just assume the door to the loading dock was locked before leaving for the night. It's easy to understand security when the things at risk are physical and plain to see, but for many businesses protecting their digital assets is significantly more difficult.

Data is every bit as valuable as any other asset your business owns, in many cases it can be your most valuable asset. This isn't just true for large businesses, but for an increasing number of mid-sized and small businesses as well. But, while those large businesses can afford dedicated IT departments that understand information security and actively work to protect themselves, smaller businesses are forced to make due with off the shelf security programs - the digital equivalent of the lock on a screen door. This isn't due to a lack of care or awareness on their part, but a matter of scale and ability.

When you think about how a single breach can utterly ruin a business due to both the liability involved, things get scary. When you combine that with how likely it is that your business will eventually be the target of a hacking attempt, they get downright terrifying. If you can't guarantee your digital safety, it only makes sense to seek extra protection in the form of cybercrime insurance.

Cybercrime isn't limited to the digital world

When we think about cybercrime, we tend to picture online attacks. Distant hackers working their nefarious schemes from an unknown location. More and more though, cybercrime has a convenient physical weak point we tend to forget about – your employees phones and laptops.

We all carry portable computers on us nowadays, and many of us use them for work. What happens if an employee forgets their phone, which as all their emails and login passes for work in a restaurant? Or if a work laptop is stolen at the airport, a home burgled and their PC they use for remote work taken. Suddenly, all that sensitive data is floating around loose in the world and you have a big problem.

Even if no data is actually stolen, a responsible business has to address the situation as if it could have been. That means you have to notify anyone potentially involved, including any business partners who may have sensitive information exposed, any clients, and (in a worst case scenario) potentially thousands of customers depending on the device and what data it had access to when it was lost. Forget the potential law suits, even just notifying all the effected parties and racing to re-secure all the data can be an expensive nightmare in it's own right.

Even if you have great information security and go to pains to secure your data, you can't prepare for every possible type of breach. There will always be an unaccountable human element that will leave your business vulnerable. Cybercrime insurance can help mitigate the costs involved in a such a disaster so you can respond quickly and without irreparably damaging the business.

2017 has been a banner year for ransomware

Targeted hacking has long been a thorn in the side for businesses, but the latest trend of cybercrime, ransomware, is something else entirely.

Ransomware is not designed to breach your security, capture your database, and rifle through the contents for exploitable information like credit card numbers and passwords. Instead, it's just designed to infect your system and hold all of your data hostage unless you pay a ransom. If data breachers are the cat buglers of the cybercrime world, ransomware users are the leg breaking thugs swinging around baseball bats. It's not subtle, it's not hard to do, and worst of all, it's effective.

2017 is notable for having already witnessed some of the largest wide-scale cyber attacks in the world. On Friday May 12, the WannaCry worm encrypted and locked down computers around the globe. Over the course of a single weekend, more than 300,000 computers were infected, and it could have been much worse. A simple flaw in the worm allowed a security blogger to remotely deactivate the malicious code and halt it from spreading any further.

It should not be comforting that the only reason this crisis was averted was due to incompetence on the part of the perpetrators. Nor should we be particularly thrilled at the idea that such an apparently amateur piece of code could do so much damage. What happens the next time a major ransomware attack spreads out of control and the developers don't leave in an easy kill-switch for a blogger to find? How would your business survive if you came in on Monday morning to find all your data held hostage to a steep ransom fee?

Cybercrime is not just about fraud anymore, but espionage

While we're talking about WannaCry, let's take a second to examine who was behind it and why. When WannaCry first hit, it was assumed that it was a runaway ransomware operation constructed by shady criminals hoping to extort as much cash as they could. Turns out, the situation is a little more murky than that.

In the months following the attack, the American NSA declared they are "moderately confident” that North Korea's spy agency, the Reconnaissance General Bureau had a hand in the attack . As with most shadowy matters of national security, there is some debate surrounding the details of of North Korea's involvement and the motivations behind such an attack, but that is hardly what should be bothering us. The fact is, this is just an early example of what will soon become a regular occurrence. Governments around the world are gearing up for more cyberwarfare and one day soon it will be your data caught in the crossfire.

Now is the time to invest in cybercrime insurance

We are moving towards a digital future. No matter how much technology you use in the operation for your business now, you can expect to use more in the future. With that in mind, and looking at the ever increasing frequency and variety of cybercrime out there, the day your business is faced with a major cyberattack is less of a matter of "if” but of "when.”

Don't let some cybercriminal bring down your business with a few strokes of a keyboard. Contact your Staebler broker today to learn how you can protect yourself with cybercrime insurance.