More than 70 percent of cyberattacks target businesses with less than 100 employees, and a recent report said that 60 percent of small businesses affected by ransomware went bankrupt within six months. Couple this information with information from Cybersecurity Ventures stating that, heading into 2021, businesses will suffer a ransomware attack every 11 seconds and cyberattacks will cost $6 trillion annually, and the FBI reports that digital crime increased 75% between March and June of 2020. These numbers are quite staggering, especially as many small businesses have undergone sudden transformations into remote work environments necessitated by COVID-19, however, most are not equipped to manage the security, risk, and technology demands that arise with work-from-home employees.
So, the question begs to be answered: how can SMB’s be better prepared to protect their business from the unique risk factors of cybercrime and be strategically positioned with a disaster recovery plan to rebound from what is ultimately going to be an inevitable occurrence? One of the most-often overlooked solutions, cyber insurance.
Many small and medium businesses, which often lack dedicated insurance or cybersecurity expertise, do not understand which coverages they might need, what cybersecurity standards must be in place to ensure valid claims are paid, or what to do in the event of a breach. Since business interruption makes up 36% of the cost of a cyberbreach according to the FBI’s Cost of a Data Breach Report, 2019 and lost business has been “one of the largest expenses of a cyberbreach” for the past four years, getting claims paid and systems back online can greatly reduce a company’s overall loss.
To the misfortune of small and medium-sized businesses, most do make adequate investments in their IT budgets and cybersecurity programs. As a result, SMBs often run outdated or unpatched software, lack proper password hygiene, transmit unencrypted data, or fail to properly secure endpoint devices – making them ideal targets for attackers. And last year alone, new small business cyber breaches increased 424 percent further solidifying this point. With such high levels of exposure and risk for SMB’s and an average small business spend of $955,429 to restore operations after a successful attack, it is shocking that 91 percent of small businesses do not have cyber insurance (and most traditional property & casualty policies do not cover cyber risk).
Simply purchasing a cyber insurance policy is only one part of the equation as most policies require protection systems in place along with regular compliance audits. Small and medium-sized businesses will be in a far better position by making a proper investment in partnering with a well-established Managed Service Provider (MSP) to not only evaluate and manage cyber risk to be policy-compliant, but also to ensure that their technology environment is in alignment with desired business outcomes. And, of course, one of the first questions to ask is if the MSP carries cyber insurance because there is a good chance that they are part of the 91% of SMB’s without it; if they don’t maintain at least $5 million in cyber insurance, take them off the consideration list!
CTN Solutions is a leading, award-winning, nationally recognized MSP and one of Greater Philadelphia’s fastest growing providers for outsourced IT and cutting edge cybersecurity solutions. CTN is partnered with a foremost authority in cyber insurance and maintains the highest standards of service excellence to consistently deliver client-focused, strategic technology directives.