If you are a small to midsize business (SMB), you need to know what cyber insurance is and you need to know why you should consider getting it.
The short answer to “why” is that cyber attacks are increasing rapidly. In 2020, daily ransomware attacks jumped by 50%. A ransomware attack was also responsible for the biggest attack on a US energy system with the attack on the Colonial Pipeline. The ransom for that attack was 4.4 million dollars, but the cost was much more than that as it resulted in gas shortages and gas price hikes all across the country. The largest reported ransom payment was in the ransomware attack on JBS to the tune of 11 million dollars; and the largest reported ransom demand was against Acer at 50 million dollars.
Cyber crimes are costing everyone and it actually could be seen as the third largest economy on the planet, just below the US and China. Damages due to cyber crime are obviously rising as well. For instance, in 2019, these damages amounted to 4 billion dollars. By 2020, it was up to 7 billion dollars, but after the events of 2020, it’s expected to reach 28 billion dollars within the next five years.
Damages due to ransomware attacks are rising even more rapidly. These amounted to 24 million dollars in 2015, 209 million dollars in 2016, and they took a massive jump to 170 billion just last year.
Cyber crime grew exponentially in 2020 and much of the blame can be put on the changes we were forced to make because of the COVID pandemic. In 2020, a person, business, or device was attacked by ransomware every 10 seconds as 70% of the American workforce began working from home. The sudden switch to remote work meant that IT departments had very little to no time to prepare their security protocols for remote access and the use of personal devices. They also had no way of monitoring all avenues of potential attack across personal devices, personal networks, multiple data sharing apps, and cloud services. All of this meant that the door was left wide open for cyber criminals to walk right in and take what they wanted.
Of course, remote work is not the only culprit. The ever expanding reach of connectivity across the global population also means that there are more people and more devices to exploit. It’s predicted that, by 2023, 5.3 billion people will have internet access and there will be 3.6 connected devices for every person on the planet. By 2022, world data will more than triple, and half of that data will be stored in the cloud.
For all too many SMBs, there was far too little standing in the way between cyber criminals and company data. In fact, 45% of SMBs say that their security protocols would be ineffective against a ransomware attack. Sadly, 66% of SMBs have experienced these attacks in the last year, and 60% of them experience business failure within 6 months of a data breach.
The problem is that many of the most common security measures can be too easily circumvented. Two factor authentications, strong passwords, and password management apps can all be easily hacked. Just one successful ransomware attack can result in the loss of money, productivity, privacy, and reputation.
This is where cyber insurance comes in. Cyber insurance doesn’t protect against the attacks, but it does protect your business and help get things up and running again. It’s a valuable tool to fall back on should the unthinkable happen. Cyber insurance policies often cover up to $1 million in damages. Coverage includes profit losses, including reputation damages and halted operations; liabilities, including penalties and media fines; and lawsuits, including class-actions and regulatory investigations.
Cyber insurance isn’t the answer to every concern relating to cyber crime, but it may be what keeps you in business should you fall victim to a ransomware attack.