Research and reports
While cyber insurance is a relatively new worry for businesses, it’s not one that should be overlooked.
The internet’s opened up lots of opportunities for businesses all over the world – but it’s also opened up the possibility of suffering a cyber attack.
With hackers and criminals using more and more sophisticated techniques, most modern businesses that operate online should think about cyber insurance (if they don’t have it already).
Technology is always evolving. A huge chunk of our lives is now carried out online and businesses need to adapt to the risks this poses.
As consumers expect businesses to handle their information responsibly and tough regulations promise heavy fines for breaches, cyber insurance can help protect businesses against the threat of a cyber attack.
Any business that relies on computer systems and the internet is open to cyber attacks and should consider cyber insurance.
Think about cyber insurance if your business:
‘Cyber attack’ is a broad term that covers a range of different breaches, including:
Malware refers to software that’s designed specifically to harm data, devices and people.
Most people will have heard of cyber attacks achieved through the use of malware – including viruses, trojans, worms, spyware and ransomware.
The WannaCry ransomware attack in 2017 spread to 150 countries and affected organisations as diverse as Honda, FedEx and the NHS.
The malware infected computers and encrypted data, with the attackers demanding a ransom of around \$300 to unlock.
This is a broad category of cyber attack. It usually involves manipulation and social interaction, giving attackers access to sensitive data, information and accounts. It includes:
In 2017 The Register reported that as many as seven in 10 UK universities had been a victim of a phishing attack.
A freedom of information request led to seven universities disclosing they’d been targeted “more than 50 times in the 12 months prior to November 2016”.
A denial of service (DoS) attack targets a particular network and stops its intended users accessing it. The attack usually achieves this by bombarding the network with lots of traffic or information that then causes a crash.
In 2015 all of the BBC’s websites were knocked offline in a DoS attack. A subsequent BBC News report said a group called New World Hacking attacked the websites as a "test of its capabilities".
The ICO say a personal data breach is “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.”
Data breaches can result in a heavy fine. Under the GDPR rules for businesses, fines for non-compliance are higher than under previous regulations.
Businesses in breach are liable to a dramatic increase in fines, with penalties reaching an upper limit of €20 million or four per cent of annual global turnover, whichever is higher.
Businesses have a responsibility to report personal data breaches within 72 hours of becoming aware of the breach. If you need to notify the ICO about a breach and don’t do so within the appropriate time frame, you could be fined up to €10 million or two per cent of your global turnover. The fine can be combined with other corrective powers.
While cyber insurance can be an important cover to add as part of your business insurance policy, it’s also necessary to take all the right steps so you don’t fall victim to a cyber attack in the first place.
One of these steps is to have software installed on your systems to prevent cyber attacks. There are popular products out there from well-known names like McAfee, Panda and Avast.
Make sure you’re looking at business-standard products, because businesses working with lots of devices and multiple users are more open to vulnerabilities.
Check out our guide to the best antivirus software for small businesses.
There are lots of providers out there that offer cyber insurance.
It’s a good idea to shop around and compare policies, making sure the one you eventually go for meets all your needs.
MoneySuperMarket say that some cyber insurance providers will have criteria you need to meet before you can buy:
When looking for cyber insurance, make sure you check all the same kind of details you’d usually think about when buying a policy. You should also consider specifics around cyber insurance too:
Are you looking for cyber insurance? Let us know in the comments below.
Sam has more than 10 years of experience in writing for financial services. He specialises in illuminating complicated topics, from IR35 to ISAs, and identifying emerging trends that audiences want to know about. Sam spent five years at Simply Business, where he was Senior Copywriter.
We create this content for general information purposes and it should not be taken as advice. Always take professional advice. Read our full disclaimer
6th Floor99 Gresham StreetLondonEC2V 7NG
Sol House29 St Katherine's StreetNorthamptonNN1 2QZ
© Copyright 2023 Simply Business. All Rights Reserved. Simply Business is a trading name of Xbridge Limited which is authorised and regulated by the Financial Conduct Authority (Financial Services Registration No: 313348). Xbridge Limited (No: 3967717) has its registered office at 6th Floor, 99 Gresham Street, London, EC2V 7NG.