Selling Cyber Policies to Small Businesses

According to Symantec’s 2016 Internet Security Threat Report, 43 percent of phishing attempts targeted small businesses in 2015. Despite this figure, only five percent of small and medium-sized enterprises (SMEs) are believed to have a cyber insurance policy in place. While businesses of all sizes are aware of the potential impact cyber-risk has on the organization, decision makers choose not to purchase cyber insurance for a variety of reasons. To help small businesses make the decision to purchase cyber insurance, a PropertyCasualty360 article explains there are a number of things a broker can do to help SMEs offset that risk.

IBM’s 2016 Cost of Data Breach Study puts the average cost of a data breach at about $4 million, with the average stolen recording costing about $221. With the increasing number of cyber-threats in the United States, a cyber-attack falling on your organization is almost inevitable. Compared to the potential loss following a data breach, the decision to purchase cyber insurance may ultimately be the reason an organization is still functioning. Not to mention, cyber liability insurance is not nearly as expensive as many perceive – relative to other lines of insurance, basic cyber liability coverage is actually fairly inexpensive. Brokers must also explain to SMEs that data on the cloud does not guarantee safety. Cloud providers often have hold-harmless agreements, meaning the provider is exempt from any liability accusations if all or any data is lost from a data breach. Lastly, while data breaches making headlines usually involve large corporations or government entities, cyber-attacks are happening on SMEs every day, in every city. Small businesses owners must understand they are just, if not more likely to be the target of an attack, primarily due to inadequate cybersecurity practices. Cyber insurance can not only help mitigate the risk on the back-end, but it can also ramp up cybersecurity practices on the front-end due to employee training opportunities and mandatory cybersecurity requirements. While it is important that organizations of all sizes strive to protect their data and stop a breach before it occurs, a cyber liability policy can at the very least, help hedge the costs of a data breach if one were to occur.