Does your business hold personal data, such as customer names and addresses? Do you use online banking, take electronic payments or card payments? Got your own website?
Chances are that you’ve answered yes to at least one of the above – if not all of them.
What would happen if you were to experience a data breach, or fall victim to a malicious attack on your systems?
Until it happens to you, you might not realise the damage it can cause. Yet statistics show that you’re far more likely to fall victim to cybercrime than have your premises burgled.
There’s plenty that you can do to protect your business from cyber risks. But even for the most security conscious and digitally savvy, it only takes a momentary lapse of concentration – a click on a malicious email, or an unlocked laptop – and untold damage can be caused.
What can happen to my business?
Whether you’re a sole trader or a big company, the type of threat you might suffer from is the same. Yet smaller businesses are particularly prone to issues, as they often lack the expertise or resources to fully protect themselves, making them an easier target for cybercriminals.
Larger companies or institutions can never be complacent either, as the reputational damage caused by high-profile hacks, data breaches or mishandling of data is far-reaching and difficult to live down. Just ask TalkTalk, British Airways, MyFitnessPal, Marriott Hotels, Experian or Facebook, to name but a few.
Here are some of the issues that can occur within any business:
Human error – While computers, automation and artificial intelligence (AI) take care of a great deal of information, individual human mistakes are a very common cause of cyber issues. For example, an employee might open a phishing email and inadvertently volunteer confidential information; visit a spoofed website; or send data externally without password protection that is intercepted and compromised.
Extortion & Ransomware – This is where data or systems are locked down and made inaccessible until payment is made to cybercriminals. Perhaps the most high-profile example came when the WannaCry malware struck the NHS and organisations across the world in 2017.
Business interruption – There are many ways that cybercrime can impact on business operations. For example, if your website is taken down, your emails aren’t accessible, or your access to external systems stops working, then it can be difficult to continue trading as normal. Even businesses that don’t necessarily think they rely on data could be surprised by the impact of any of these things happening.
Data breaches – There are stories of data breaches every day. Take a look at the biggest data breaches of 2018 to see how widespread the issue is – and how it can impact your business severely. Which leads us onto:
Reputational damage – Businesses of all sizes will suffer if data falls into the wrong hands. Customers who find out that personal information they have entrusted to your business has been leaked, or misused by third parties, will not take too kindly to it, especially if there is any kind of financial impact upon them.
GDPR investigation – If your business is accused of not adhering to GDPR regulations, then you may be subject to investigation by the Information Commissioner’s Office (ICO), with the possibility of a hefty fine as a result. Such investigations are more common than you think and have affected all types of businesses, from small charity shops to multinational companies.
What can I do to protect my business against cybercrime?
The good news is that you can do a lot to protect against cybercrime. Some of the most obvious ways of ensuring strong security include:
- Having appropriate security software to protect against viruses, malware, spam and phishing attacks
- Using hardware and/or software firewalls on your network
- Ensuring strong security is in place on any wireless networks you operate
- Choosing strong passwords, and different passwords for each system you access – and change them frequently
- Ensuring compliance with GDPR regulations by processing data in the required way, including marketing only to those who have opted-in to communications
- Training employees to recognise the signs of phishing attacks and cybercrime, and to follow the correct policies and procedures when handling data
- Carrying out risk assessments to identify where threats may occur
- Security testing your own websites and data defences on a frequent basis
- Ensuring you have disaster recovery and business continuity plans in place for your digital assets, as well as your physical property
Even with the best will in the world, things can go wrong. This is where Bollington could help you.
Cover for cybercrime is relatively inexpensive in comparison with the financial impact it could have on your business. It can help to protect you in many of the circumstances listed above.
Additionally, you can add insurance cover for management liability – where directors or senior business managers can be held liable for data breaches, for example – and for physical damage to electronic equipment or the property it is housed in.
Financial crime is also an issue, where cybercriminals steal funds from a business bank account or trick you or your employees into sending money or goods to them. This is another area of insurance where Bollington could help you.
With access to leading insurers, we can help you to get back up and running following a cyber-attack, managing the risk of reputational damage to your business along the way.
Get advice and get protected against cyber threats
Find out for yourself how a cyber insurance policy can offer additional peace-of-mind for your business. Contact us for help and advice on cyber insurance protection.
If you already have insurance with us, get in touch with your account handler for more information. Alternatively, new and existing customers can call us on the numbers below to speak to a member of our team who specialises in your line of business:
Corporate Business & Motor Fleets – 0161 929 1851
Motor Trade Combined – 01625 854 443
Care & Charity – 01625 348 029
SMEs & Commercial – 01625 400 206