There is a common misconception that cyber attacks target large companies and small to medium enterprises (SMEs) are not under threat.
In fact, SMEs are often at greater risk from cyber attacks as they do not have the sophisticated security systems that larger organisations can afford and, if they are attacked, the consequences can be higher due to the amount of time and resources needed to mitigate the attack.
Large companies tend to have dedicated IT teams and extensive cyber protection software, while many SMEs focus their time on running their business and servicing customers, so cyber security becomes an afterthought.
Cyber protection insurance
Cyber protection insurance is an important line of defence for all businesses to help protect and recover in the event of an attack. Typically, cyber insurance will include the following features to protect your business:
- 24/7 coverage – Most cyber insurance policies include 24/7 incident response and claims management process from initial notification through to a resolution, providing you with peace of mind when an attack occurs.
- Privacy breaches – Cyber insurance policy will cover claims against you for a privacy breach and loss of employee, personal or corporate information. SME businesses must comply with various laws and regulations related to data protection and privacy. Failure to comply can result in hefty fines and legal consequences.
- Loss or damage to your IT systems – losses due to data recovery and business downtime can be time consuming and costly. This is covered.
- Loss of brand reputation – A cyber attack can damage your business’ and you’re your personal reputation. It can lead to a loss of clients and can impact future revenue streams.
When choosing a cyber protection insurance policy, business owners should consider:
- Coverage: ensure that the policy covers the types of cyber incidents that are most relevant to their business, such as data breaches, cyber extortion, and business interruption.
- Limits: consider the limits of the policy, which determine the maximum amount that the insurer will pay out in the event of a cyber incident. The limits should be sufficient to cover the potential costs of a cyber incident.
- Deductibles: consider the deductibles, which are the amount that the business must pay out of pocket before the insurer will pay out. Higher deductibles can lower the cost of the policy, but may also increase the financial burden on the business in the event of a cyber incident.
- Exclusions: review the policy’s exclusions, which are the types of cyber incidents that are not covered by the policy. SMEs should ensure that the exclusions do not leave them vulnerable to significant financial losses.
In addition to cyber protection insurance, staff training is an important mitigation step. Other protection measures include implementing patches, data encryption, and strong password management.
When a cyber incident occurs, timing is paramount – every second counts. Fast action to minimise the loss and manage the ramifications can play a major role in limiting the size of the claim, the length and cost of business interruption and the damage to your brand and reputation. Cyber protection insurance can save your business thousands in the long run.
If you have any questions regarding this article or to discuss your business insurance needs, contact your Bentleys Advisor or email us at [email protected] or call +61 3 9018 4666.
The information in this website is general information only and may not be suitable for your individual circumstances. You should obtain professional advice and consider the information in the relevant product disclosure statement or policy wording before deciding to purchase a policy.
Bentleys Insurance Services (Vic) Pty Ltd ABN 19 655 057 408 is an Authorised Representative CAR 295697 of Insurance House Pty Ltd ABN 33 006 500 072 AFSL 240954.