Cyber Insurance & Why Your Business Needs It

[DISPLAY_ULTIMATE_SOCIAL_ICONS]

Have you ever received a phishing email that looked so real that you almost clicked on it? What if one of your employees did? What if the virus they received were to spread not only to your computer, but to everyone’s computer in the office, and the worst possible denomination – your customer’s as well? You’re probably unaware that if this were to happen that your current insurance would not cover the damages it can cause because the average average plan does not take care of cyber risks. That’s why we’re going to review everything about the possible harms cyber attacks can on your business and what you can do to prevent them!

What is Cyber Insurance?

Cyber insurance is a specialized policy that is usually not included in your business insurance, and specifically protects your business, employees, and customers from various cyber risks. Cyber insurance will cover everything your business needs to get back to its normal operations. This includes any of the following: IT Specialists, Forensic Teams, Ransom Costs, Legal Costs, Compliance Costs, Public Relations, etc.

What Are Cyber Risks?

Cyber risks are frequent, unpredictable and can be expensive. They can happen to any business, large or small at any time. Common cyber risks include: 

Identity Theft
Identity theft occurs when you or an employee’s private information is used for fraudulent loans or crime. With just a few pieces of your personal information, like your driver’s license or social insurance number obtained, an identity thief can open credit accounts, secure loans or even enter into contracts in your name.
Data Breach
A data breach occurs when data is lost, stolen or accidentally made public. Under the Digital Privacy Act, every business has a legal requirement to report privacy data breaches if they are to happen, and if they do, expect possible backlash on the business name because a data breach is known to tarnish reputation.
Cyber Attack
A cyberattack occurs when a malicious person attacks a computer system or network on purpose. Attacks on business computers can happen in a variety of ways, including hacking, malware attacks, phishing your employees, or denial of service attacks.

What Does a Cyber Attack Look Like? 

From my experience, there are two common scenarios for cyber attacks of small businesses in Canada:

Scenario 1: Ransom

You come to work in the morning, just like every morning, but this time you turn on your computer and you receive a message saying that all of your customer’s information will be released unless you send a payment of $100,000. Pretty unnerving stuff, right! 

Scenario 2: Lockout

You come to work in the morning, just like every morning, but this time one of your staff tells you that they cannot access their computer. In fact, all your staff say they cannot access their computer. A hacker has encrypted all your computers and now your staff can’t work. 

Do you remember the last time you had a power outage at your office and all of your staff were just standing around? Scenario 2 is similar to that – uncontrollable and just plain frusterating. 

You’re Under Cyber Attack… Now What?

You do the same thing you do every time you have a problem with your computers or network, you call your IT specialist.  The specialist tells you it’s going to take at least a couple of hours or maybe even a day or so to sort this through. That means lost productivity, lost orders, lost customers, and lots of lost money. Although you have a plan in order now, this is everything you don’t want to hear. There’s not much worse than being a victim to a cyber attack. 

So How Does Cyber Insurance Help?

Cyber insurance is comprehensive and is there to get you, your staff, and your business back in action with minimal disruption.  Here’s how:

 

1. A forensic team is engaged to uncover the scope of the data breach and discover the source of the cyber attack.

 

2. The insurance company will cover the losses your business incurred from any disruptions to business operations. 

 

3. A public relations team is hired to help your business offset what might be the biggest hit to your business, reputation damage.

 

4. The insurance company covers legal support for the cost of legal fees and settlements if your business is sued because of a data breach.

 

5. The insurance company covers all costs incurred for notifying people whose data has been illegally accessed.

Is Cyber Insurance Expensive?

The cost of coverage starts at approximately $2,500 per year depending on the needs of your business. If you are looking for a quote, feel free to visit Wiseblott.ca and get a free quotation from the Wiseblott Insurance Team. They’ve helped hundreds of small businesses across Canada with all insurance related matters, including cyber protection.

Ok, So Now I Have Cyber Insurance, and I Get Attacked! What Do I Do?

Since you have a cyber insurance policy, all you need to do is call your broker – me, and I will immediately work with the insurance company to dispatch IT support to get you back online, a forensic team to solve the issue, a public relations team to manage your reputation, and any legal support. I work for you, not the insurance company, so I am here to make sure that the insurance company is supporting you until you are back to business as usual.  

What is the Digital Privacy Act and Do I Need to Report a Data Breach?

Under the Digital Privacy Act every business has a legal requirement to report privacy data breaches.  In the event of a material data breach, businesses are required to notify affected individuals and The Privacy Commissioner. It doesn’t matter how small your business is, since businesses of all sizes are required to report data breaches. Failure to comply can mean penalties of up to $100,000 per offence.

Remind Me Again, Why Does My Business Need Cyber Insurance?

  • It’s NOT covered by standard insurance.
  • Funds costly notification expenses required under the Digital Privacy Act if your business is hacked.
  • Enhances protection for your business brand & reputation.
  • Balance Sheet protection.
  • Part of “Play Book” for Data Breach Response Plans / Disaster Recovery Plans
  • Reassures the Board (Directors & Officers).
  • Funds business interruption financial loss and helps minimize disruption.
  • Responds to Cyber Extortion, Ransomware, Cyber Crime (e.g. Social Engineering Fraud)
  • Responds to contractual, vendor or supply chain requirements for cyber insurance.
  • Includes Insurer’s pre- & post-breach resources and crisis management.
  • Includes cyber & privacy liability protection.
  • Helps protect the data interests of your customers, stakeholders, volunteers, and employees.
  • Many broad coverage options available with Insurers at competitive premiums.

Key Features of Cyber Insurance Policy Coverage:

  • IT support
  • Forensic Review
  • Crisis Management
  • Cyber Extortion Defense
  • Worldwide Coverage
  • Data Breach Coverage & Notification Expenses
  • Business Interruption Loss
  • Brand/Reputation Support
  • Legal Support
  • Identity Fraud Alert Service

All small, medium and large businesses face cyber or privacy risks. These can include lost or stolen laptops, phones, thumb drives, employee error, malicious or criminal activity, unauthorized network access, or rogue employees. Often times these can lead to undeniable hardship, and every business should take action to ensure you’re protected. Make yourself aware of all of the harms of cyber attacks and familiarize yourself with the following Cyber Attack Glossary terms and definitions!

Cyber Attack Glossary

Exploit

A malicious application or script that can be used to take advantage of a computer’s vulnerability.

Data Breach

The moment a hacker successfully exploits a vulnerability in a computer or device, and gains access to its files and network.

Firewall

A defensive technology designed to keep the bad guys out. Firewalls can be hardware or software-based.

Malware

An umbrella term that describes all forms of malicious software designed to wreak havoc on a computer. Common forms include: viruses, trojans, worms and ransomware.

Virus

A type of malware aimed to corrupt, erase or modify information on a computer before spreading to others. However, in more recent years, viruses like Stuxnet have caused physical damage.

Ransomware

A form of malware that deliberately prevents you from accessing files on your computer – holding your data hostage. It will typically encrypt files and request that a ransom be paid in order to have them decrypted or recovered.

Trojan horse

A piece of malware that often allows a hacker to gain remote access to a computer through a “back door”.

Worm

A piece of malware that can replicate itself in order to spread the infection to other connected computers.

Bot or Botnet

A type of software application or script that performs tasks on command, allowing an attacker to take complete control remotely of an affected computer. A collection of these infected computers is known as a “botnet” and is controlled by the hacker or “bot-herder”.

DDoS

An acronym that stands for distributed denial of service – a form of cyber attack. This attack aims to make a service such as a website unusable by “flooding” it with malicious traffic or data from multiple sources (often botnets).

Phishing or Spear Phishing

A technique used by hackers to obtain sensitive information. For example, using hand-crafted email messages designed to trick people into divulging personal or confidential data such as passwords and bank account information.

Have more questions?

Jerry Wiseblott and his team provide insurance for small, medium, and large businesses in Canada. Click here to get more information about cyber insurance and to obtain a quote from the Wiseblott insurance team.

[DISPLAY_ULTIMATE_SOCIAL_ICONS]

Jerry Wiseblott

Jerry Wiseblott leads the Wiseblott Insurance Team. He has been helping Canadians with insurance for over 35 years. The Wiseblott Insurance Team, in partnership with KRG Insurance Brokers, is a one stop shop for all types of personal and commercial insurance. Visit Wiseblott.ca for more information or a quote.