These statistics show us that the risks surrounding cybersecurity are only increasing, and it is important small business owners put plans in place to protect their livelihoods. But before we get into ways small businesses can protect themselves, let's define what exactly cybersecurity and cyber-attacks are.
What is Cybersecurity?
Cybersecurity refers to the confidentiality, integrity, and availability of an individual's or business entity's digital assets and networks. If cybersecurity is compromised, hackers can have access to business confidential information such as patents or intellectual property, and customers' and employees' personal information, including (but not limited to) account information, and banking information.
There are different types of cyber-attacks, phishing being one of the biggest threats for small businesses. The U.S. Small Business Administration's article Stay safe from cybersecurity threats defines phishing as "a type of cyber-attack that uses email or a malicious website to infect your machine with malware or collect your sensitive information." Typically, these emails include a link or attachment that infects your device when clicked.
Phishing made up more than thirty percent of cyber-crimes in 2020 according to Verizon's 2021 Data Breach Investigations Report.
So, with these risks, how can small businesses protect themselves?
How to Protect Your Small Business
There are several ways to protect your business from cyber-attacks, and effective cybersecurity should have a multi-pronged approach – “defense in depth” – starting with education. Specifically, employees need to be trained on what to look out for, especially on phishing tactics, accounts should have excellent passwords with two-factor authentication, networks should be protected (ensure by having a security expert check), and antivirus software should be used, among other things.
One critical protection for yourself and your small business that should not be overlooked is cyber insurance.
What is Cyber Insurance?
According to Selective Insurance's in-house cyber insurance expert Jeff Weaver, AVP, Management Liability, "Cyber insurance, simply put, is insurance for loss or harm resulting from breaches of your cybersecurity. It responds in a number of different ways to protect you from financial loss, reputational harm and other damaging hazards that arise from a cyber-attack."
Essentially, in case of a (covered) cyber-attack, insurance will help ensure data or money lost can be tracked and returned if possible.
For instance, Selective's Cyber Liability Insurance provides coverage attacks such as cyber extortion, privacy breaches, fraudulent instruction, First Party Network Business Interruption, etc.
Although cyber insurance can seem intimidating at first, independent insurance agents can simplify it for you.
Ramon Ray recently took part in a seminar hosted by Selective Insurance, where the speakers broke down cyber insurance for the audience and answered audience members' questions. Events like this are great for making insurance accessible.
There are many different agencies that offer cyber insurance, with different plans so you can find something that works for your business, and your budget. We recommend you do find one.
According to the Selective and Appalachian State University's study, "only 20% of small businesses surveyed carry cyber coverage." With 44% of small business owners being concerned about cyber threats, they have not taken one of the most important steps to protect their businesses against cyber loss.
Put your worries to rest by putting a plan in place to protect your business by educating your employees on best practices and purchasing cyber insurance to protect your small business and the customers you serve.
About the Author
Mike MacMullin is Vice President of Small Business and leads a number of initiatives that enhance Selective's small business operations, including technology and service model advancements. Mike's career at Selective has spanned more than 18 years, where's he built a diversified background in roles that have well-positioned him to lead Small Business, including Vice President Enterprise Program Management Office; Vice President, Information Strategy and Knowledge Management; Assistant Vice President, Personal Lines Operations Program Manager; and Commercial Lines Underwriter.