Imagine going into work on a Monday morning. Turning on your computer to find that you are completely locked out of your system. Every computer, every device is locked. Every single piece of information is deleted. Your company’s entire history and existence is GONE! You cannot access your email, your phones. You have no idea who owes you money. You have no customer database – nothing! Your entire business comes to a screeching halt.
Then you get an email demanding a huge sum of money for the “key” to get your database back. Your data is being held ransom by unscrupulous actors in some foreign country. The consequences are unthinkable!
This exact scenario happened to one of our biggest clients. They recently had a Cyber Security breach, which has resulted in them not having access to their computer systems for over a month now. They are currently still inoperable, and they are without access to any of their computer systems. This includes their accounting software, accounts receivables, company email, lists of vendor accounts, lists of client accounts, scheduling, etc., etc. They don’t even have access to their backups! They are completely locked out and are “sitting ducks”, if you will.
As you can probably imagine, this would be detrimental to ANY business. I can’t imagine not being able to open the office for one week, never mind a month before everything is back to normal. They are losing money each day while their systems are offline, with no indication as to when it could be fixed.
Many business owners are under the impression that something like this is covered under their Business Owner’s Policy or General Liability Policy. It is not! Even if your policy has some form of cyber endorsement, it is most likely very limited coverage.
Cyber Security has been much more of a growing concern for the past few years, as many industries have adjusted to the COVID-19 pandemic by hiring remote employees and moving to cloud-based systems. This, coupled with a surge in companies utilizing cryptocurrency and blockchain technology, have resulted in more fraud and cyber security issues than we have ever seen before. I’m not sure about you, but I have received more scam calls, emails, and texts over the past three years than I have ever seen before.
Now comes the list of questions: What can we do to prevent these issues? How can we protect our businesses from loss? Are there tools in place to help monitor these breaches?
First, all business owners should be utilizing an MSP or MSSP (Managed IT Service Provider). An MSP or MSSP is a business that specifically manages IT Systems for other businesses. They are well versed in Cyber Security and the inherent risk of storing/using sensitive information belonging to both individuals and companies, whether they are clients, vendors, employees, contractors, etc. An MSP or MSSP will also be your lifeline when filling out a Cyber Liability Insurance Application. Almost every Cyber Liability Insurance Policy contains a list of limitations and exclusions – an MSP/MSSP can help you follow common industry practice and make sure you have certain protocols in force so your claims do not get denied by your insurance company!
Secondly, all business owners should purchase a Cyber Liability Insurance Policy. They are relatively inexpensive when compared to other lines of coverage you should purchase as a business owner. It is extremely important coverage that most businesses do not currently have. A Cyber Liability Insurance Policy provides coverage for things like Breach Response and Remediation, Cyber Business Interruption, Dependent Business Interruption, System Failure, Dependent System Failure, Ransomware/Cyber Extortion, Digital Asset Damage, Cyber Crime, Client Funds, Invoice Manipulation, and much more.
Lastly, there are many tools in existence to try and minimize the risk you presumably take on as a business owner. For starters, working with an MSP/MSSP will likely be the best thing for you. They can implement most of the tools we would recommend. Our carriers actually provide tools to clients to allow them to easily identify and assess their risk. This helps to prevent attacks and losses before they occur. If these attacks/losses do occur, the carrier is there to help you quickly recover. Some of our carriers even offer a full suite of security apps for things like Credential Monitoring, automated threat and intelligence alerts, DDoS mitigation, security benchmarking, ransomware protection, patch management, and more at no additional cost!
Companies large and small are at risk. Don’t get caught without cyber liability insurance! You would be at the mercy of the hackers. Give us a call for a quote and a free cyber assessment of your company’s vulnerability.