Recognizing that a cyber breach is a likelihood, companies need well-planned processes to mitigate and manage operations before they become targets.
In this article, we discuss how to avoid cyber breaches and how cyber insurance can help protect your business.
As part of your planning, it is good practice to identify a cross-disciplinary team to engage when the crisis arises. With a team and plans in place, you can respond quicker to cyber threats or actual events. For resources, visit the FBI website.
Writing for WEF, Dmitry Samartsev, chief executive office of BI.ZONE, a digital risk management company, observed that a company’s employees are “the first line of defense against an attack.” He offered advice for cyber hygiene:
- Provide anti-phishing training. Teach personnel to recognize phishing emails and other tactics used to phish for a way into your company’s systems and network, and to immediately report, but not respond to, suspected phishers. Sometimes social engineers place friendly calls to probe for information.
- Stage simulated attacks. This may require engaging professional trainers.
- Give password help. Teach how to create strong passwords. Provide software to lock up employee passwords.
- Educate employees about how to handle customer information, billing and other sensitive data.
- Instill good habits. Never leave a passworded computer screen unattended. Never share passwords. Never reply to a suspected phisher. Never open unverified links.
- Give contact information for reporting a breach or possible phishing attempt.
- Make an ongoing investment in cutting-edge cyber defenses and training.
Anticipate breaches and prepare for fallout with insurance
The ways that nefarious individuals break into business information systems are pervasive, and the costs are high. Neither commercial general liability nor property insurance typically provide cyber coverage.
A standalone cybersecurity policy can potentially save your business, large or small, from decimation in the event of a successful cyberattack. As explained by the U.S. Cybersecurity & Infrastructure Security Agency (CISA), available coverages include the “costs arising from data destruction and/or theft, extortion demands, hacking, denial of service attacks, crisis management activities due to data breaches, and legal claims for defamation, fraud and privacy violations.” But most cybersecurity policies “do not cover physical damage and bodily harm caused by a cyberattack against critical infrastructure,” so another policy would need to be in place if that is a concern.
Ask for professional help
Insurance decisions can seem overwhelming, but we at McCartin Insurance can help you assess your needs by thinking through the potential costs and consequences of a cyber breach, including those risks unique to your business. We can then help you identify the appropriate cybersecurity insurance for your business from a selection of policies offered by a range of insurance carriers.
Call us, your Trusted Choice agent, today — before your business experiences a data breach or operations interruption or sustains network damage because of a cyberattack. With the right protocols and insurance in place, you can enjoy conducting business with the security of knowing you are both protected and prepared.