It might be easy to dismiss cyber crime as completely irrelevant to your business on account of its small nature — who would actually take the time to exact a cyber crime against your small business when they could be hitting the big leagues, right?
The reality is that cyber crime is believed to cost Australian businesses — of all sizes — around $4.5 billion a year, but despite that, so few businesses are insured against it.
In fact, small businesses have been the slowest to protect against cyber crime, making them more vulnerable to the threat.
When you consider that almost all businesses have an internet presence or make use of the internet in their everyday business dealings, it becomes pretty clear that cyber crime presents a risk to even the smallest businesses.
Pretty much every business — be it big or small — will be reliant on data to some extent. Such data can include employee profiles, private corporate information, any identifying numbers (like Medicare and driver’s licence numbers), and information of a personal nature about customers, budget details and credit card information. The consequences of such data being breached and made public can be wide-ranging.
So, let’s have a look at cyber crime and insurance a little further so that you can make a more informed decision about whether or not it’s worth looking into for your business.
In basic terms, cyber crime is a blanket term for any type of activity of a criminal nature that is carried out using a computer and/or the internet.
Cyber crime includes all of the following:
When you consider that almost all businesses have an internet presence or make use of the internet in their everyday business dealings, it becomes pretty clear that cyber crime presents a risk to even the smallest businesses. Criminals don’t necessarily need to hack your systems to commit cyber crime; if they manage to get their hands on a laptop, iPad or mobile phone belonging to your business (either because it has been stolen or left unattended), they have easy access to your information and are able to more easily commit their crimes.
The ways in which cyber crime can affect your business are actually a lot more expansive than one may have initially thought and are usually not contained to a defined period of time; rather, the effects tend to be ongoing and costly.
Beyond the general business interruption, a breach of data that results in personal information of customers or employees being made public can result in significant fines, legal fees, and costs associated with investigating the breach and notifying customers of the potential effects it may have on them.
Consider also the loss of business. Your existing customers are unlikely to continue being your customers if their personal information becomes public — and even if a cyber crime committed against your business doesn’t directly affect them, the fact any crime was able to be committed at all will leave them feeling uneasy.
A cyber crime against your business could also affect your reputation and drive away potential customers who may think twice about dealing with you given your company’s cyber security shortcomings.
Yes, there are certain things you can do to help minimise the risk of a cyber attack and these things include all of the following:
If all of this sounds like gibberish to you, don’t feel bad. The reality is that most businesses aren’t aware of the extent to which they need to have such things in place to protect themselves and their information, which often leaves them incredibly vulnerable to cyber criminals.
And, unfortunately, even if you do have all the right systems and software in place, your business is still at risk — particularly if your business involves the collection of customer information, including personal, credit card and bank details.
Although policies will vary between insurers, a typical cyber insurance policy is designed to help you with both preventing breaches in the first place and dealing with them if and when they occur. Cyber insurance policies usually include the following:
Small businesses have been the slowest to protect against cyber crime, making them more vulnerable to the threat.
The best way to determine if cyber insurance — and the threat of cyber crime — is of relevance to your business is to talk to a trusted business adviser, who knows the ins and outs of your business operation, and/or an insurance broker who is unaffiliated with any particular insurance company.
If you do seek the advice of a broker, try to make sure the broker is someone who has some advanced knowledge or expertise in the area of cyber insurance. Given the relatively “new” threat of cyber crime and the relative infancy of insurance to protect against it, brokers aren’t typically as knowledgeable in this area as they usually are when it comes to more basic and established insurances. Ultimately, it’s always important that you are talking to someone who knows what they’re talking about.
As always, don’t be afraid to ask as many questions as you need to have a solid understanding of your insurance needs, the threats such insurance is designed to guard against and the details of any policy you are considering purchasing.
Important disclaimer – Steadfast Group Limited ABN 98 073 659 677, its subsidiaries and its associates.
The views expressed are those of the author only and do not necessarily reflect those of Steadfast.
This magazine provides information rather than financial product or other advice. The content of this magazine, including any information contained on it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to it before acquiring the product.
Information is current as at the date articles are written as specified within them but is subject to change. Steadfast, its subsidiaries and its associates make no representation as to the accuracy or completeness of the information. Various third parties, including Know Risk, have contributed to the production of this content. All information is subject to copyright and may not be reproduced without the prior written consent of Steadfast Group Limited.