What is a cybersecurity breach?
It’s an unexpected, unintended, and/or unauthorized interference with an organization’s technology systems or the data the organization maintains. Today it’s been redefined in simpler terms:
It’s the risks businesses are exposed to by their very existence.
Costly? Yes. And not surprisingly, some companies don’t even realize they have suffered a cybersecurity breach:
- 76% of business owners report that they believe it’s important to establish security practices and policies1
- But only 47% say they have established security practices and policies1
Who causes a breach?
When we think of cyber attacks, we usually think of a hacker inserting a virus or malicious code into a computer system or network. But data breaches can be caused both intentionally and unintentionally by various types of users:
- 52% of all data breaches (for small, medium, and large companies) are due to malicious or criminal attacks
- 48% of all data breaches are due to system glitches (non-employee errors) and employee errors
What could a breach cost you?
- It’s possible that a data breach could cost your business as much as $225 for each lost or stolen confidential record
- Small- and medium-sized businesses ended up spending over $1 million on average in 2017 on damage or theft of IT assets or infrastructure
- They also spent an additional $1.2 million due to disruption in business operations
That totals over $2 million on a single incident.
Could it happen to you?
Small businesses can be a target for hackers because they tend to be more vulnerable:
- 61% of small- and medium-sized businesses reported experiencing a cyber attack in the past 12 months, up from 55% in 2016
- Only 21% of small- and medium-sized businesses rated themselves a 7 or above on a 10-point scale when it came to their IT security effectiveness
What can I do to help protect my company against cyber attacks?
Here are some best practices:
Security and defense systems
Put multiple, overlapping security and defense systems in place. These include firewalls, data encryption and antivirus security software.
Alerts
Receive alerts for new vulnerabilities in vendor systems and platforms, and be sure to install any patches.
Password security
Implement a password policy to ensure the security and confidentiality of data.
Employee education
Educate employees on good security practices, and teach them how to spot phishing emails.
Disaster recovery plan
Develop a formal, well-tested disaster recovery plan. Update it regularly and make sure everyone involved in the plan understands his or her specific responsibilities.
Formal data retention, archive and destruction plan
Implement a formal data retention, archive and destruction plan and be sure to monitor it closely to ensure that it is followed.
Potential benefits of having cyber liability insurance:
- Cover legal fees and expenses associated with a data breach
- Pay for a professional information technologies review to determine the extent of personal data compromise
- Notify customers about the breach
- Restore control over customers’ personal identity, within the constraints of what is possible and reasonable
- Pay an outside firm to research, re-create and replace data lost or corrupted
Learn more about how cyber liability insurance can benefit your business from attacks and data breaches.
Will we be more susceptible in the future?
Cyber threats continue to grow as the Internet of Things (IoT) and the number of devices used by businesses continue to increase. Automated equipment, machinery, components, appliances, sensors, control panels and mobile devices increase the vulnerability of a computer system or network in several ways:
- They often utilize unsecured or poorly secured wireless or cellular networks to transmit data
- Mobile devices such as a land surveyor’s GPS equipment or an EMT’s mobile monitor are more susceptible to theft, allowing thieves direct, physical access to a network
- Connected equipment and devices can be hijacked and used to launch dedicated denial of service (DOS) attacks, allowing the attacker to hide behind someone else’s IP address and computer
- Connected equipment and devices that are widely manufactured and distributed, such as baby monitors, alarm systems and streaming devices often use the same security protocols on every device manufactured
Leave a Reply