by Terry Robinson, Technology and Cyber Risk Manager
When most business owners think about the risks to their business, they think about fire, theft, water damage and lawsuits. Your computer system is another area of risk than could cost your business a lot of time and money.
You have data. You have data on your employees and your customers. You have accounting information and billing information. You have proprietary business information. All of that is valuable and you need to protect it.
A data breach occurs when that data is accessed by unauthorized party This could be through the form of a hacker, opening a malicious email, visiting an infected website or an employee error. When you have a data breach there are data breach laws in place that say you must notify your customers or the affected individuals, you must provide credit monitoring, you must conduct computer forensics to determine the source and the scope of the breach. You may also be subject to fines and penalties. Another big part of a data breach is your public relations expense. Your business reputation is at risk. If your customers think you are not protecting their data, they may go elsewhere.
One of the biggest threats we saw last year was ransomware. Ransomware is when someone accesses your computer through hacking, a malicious email, visiting an infected website and encrypts your data files. The criminal demands a ransom to decrypt it, typically in the tens of thousands of dollars. This can prove to be costly for a business.
Another big threat we see is Social Engineering Fraud. In this case a cyber criminal posing as a manager of the business or the representative of a vendor tricks an employee into sending money to a fake account. This can cost a business tens of thousands of dollars. These are things that can happen to you and have happened to some of our clients.
Your responsibility as a business owner is to know what threat there are to your business, understand the laws that govern your business and what your obligations are as a business owner, have an incident response plan, conduct employee training and make sure you have the right insurance coverages in place to protect your business in case you are a victim.
At Morrow Insurance we can help educate you on current cyber threats and guide you to resources to help you secure your business. We can also check your policies to make sure you are covered either through your crime policy or through a stand-alone cyber policy.
Some business owners think they do not need insurance coverage if they are using a third-party service to host their data in the cloud. Most of the providers limit their liability in case of a data breach. Remember your customers provided their data to you.
Contact us at Morrow Insurance today for more information or to discuss your business needs. The next big threat is right around the corner. It could happen to you.