Cyber attacks are becoming more and more common, especially against smaller businesses. During the past year, 43% of cyber attacks targeted small businesses. The main industries that reported the most incidents were professional services, healthcare, and financial services.
As you use more advanced technology to run your business, the more likely you are to be exposed to cyber threats. No matter what size business or industry, a cyber attack threatens your finances, disrupts operations, and can harm your reputation.
“To protect your business from the devastating fallout of a cyber attack, it’s critical to protect yourself with a robust cyber insurance policy,” said Dan Thompson, insurance agent and founder of Dan Thompson Agency in Raleigh. “It’s bad enough what COVID has done to our local businesses, the last thing you need is for someone to hijack your business right now.”
Cybercriminals are after all types of data
A cybercriminal’s main goal is usually identity theft of individuals and businesses. They are after personal information like:
- Social Security Numbers
- Bank account information
- Credit card numbers
- Medical information (used to submit fraudulent insurance claims)
- Other critical files
Cyber Protection Begins with Prevention
With this growing chance that a business will suffer a data breach or computer attack, you must also invest in better digital security. There are preventive measures you can take to block some cyber attacks, especially the rising threat of a business email compromise and other phishing scams.
A business email compromise is when a cyber criminal impersonates a familiar business partner through email. The cyber criminal typically asks for a customer’s payment to be redirected to a new account, and, if the ploy works, the recipient of the email instructs the customer to change payment methods, thus paying the cyber criminal instead of the appropriate company.
Best Practices to Minimize your Risk of Email Compromise
- Protect your email system. For cloud-based systems, a key safeguard is to implement a multifactor authentication, which requires more than one step to verify a user’s identity.
- Don’t trust an email just because the sender’s name is familiar. The email account may have been compromised and be under the control of a cyber criminal.
- Never follow new instructions without first verifying with a phone call. Do not reply directly to the email to verify changes – you should always call your business partner to ensure the legitimacy of any changes in the payment process or for other suspicious requests.
“There are so many ways to get into someone’s information,” added Dan Thompson. “Someone could do something as subtle as adding in a period to the email address or slightly misspelling a name so the sender still looks familiar. It gets opened and then they are in your system.”
Other ways to recognize scams include:
- Pop-ups. If a webpage suddenly appears requesting a username and password or other personal details, be leery
- Be skeptical of urgent requests
- Verify the destination. Hover over links but don’t click if it looks suspicious
- Look closely at attachments before opening. See if the file name seems appropriate for the sender
- Analyze the content of the email and time of day. Is the language suspicious or cadence not typical of the sender?
Cyber Security Insurance Protects Against Computer-Related Crimes
You could lose business and a lot of money due to a phishing attack or ransomware demand. In fact, 27% of malware incidents can be attributed to ransomware. A cyber insurance policy is designed to cover privacy, data, and network exposures. It also protects your business’s liability to third parties that may have suffered damage due to security weaknesses in your business’s computer system.
With cyber insurance, you’ll be better positioned to mitigate the impacts of a cybersecurity incident. Depending on your policy, cyber protection could pay for:
- Restoring a computer system
- Recovering or recreating data
- Business interruption loss
- Loss of income
- Increased cost of business operations after the attack
“It’s important to have good cyber coverage and you need ransom coverage unless you can afford to be put out of business for a while,” said Thompson. “No matter how good your cyber security system is, nothing is fool proof and human error can be introduced.”
Dan Thompson Agency works with many carriers that offer cyber security protection and one that specializes in ransom coverage.
“I like to do an annual review with my clients to make them aware of new risks,” he added. “If you’re a business owner, you need to be considering firewall protection on your computer system from your IT folks and you definitely need a robust cyber insurance as well.”
We hope this information on cyber security helps protect you and your customers. If you have any additional questions, please contact an agent at DTA.