A cyberattack is a deliberate attempt to breach or damage a computer system or network. According the Canadian federal government, a single cyberattack can cost a business an average of $15,000.
These costs could include lost revenue (i.e. if the business is unable to use its computer system because of the hack), costs to notify clients, computer experts hired to evaluate the hack’s impact, and legal fees.
Business owners can be used if customer information is compromised from a cyberattack. If you’re a business owner and aren’t sure if cyber insurance is right for you, here are some questions to ask yourself.
Are computers or mobile devices used for your business operations?
If you answered “yes,” consider cyber insurance. Here’s why:
- Handling the result of a cyberattack could be costly
One way a cyberattack could occur is downloading a virus from an email. For example, if you clicked on a link in a spam email, you could get a virus. The “attack” could lock you out of your computer, erase data or, result in ransomware. “Ransomware” is software which won’t allow you to log in to your computer until you pay a certain amount of money. Cyber insurance could help with costs to repair your data from a cyberattack and, depending on the insurance policy, cover ransomware attacks.
- If sensitive personal information is exposed, you could be sued
If you have sensitive information (such as customer credit cards numbers) on your computer or in a cloud-based server, you could be sued if this information is leaked from a hack. In particular, you could be sued if a customer is directly impacted by the hack. For example, if your computer system was hacked and a customer’s credit card information was released online, and they received more charges, they could sue. Cyber insurance could help with legal fees.
- Financial resources could be needed to notify customers of a hack
If a business is hacked, alerting customers could be costly. For example, it could cost you to restore your customer email list. Cyber insurance could help with this type of cost.
Do you have employees?
If you employ staff members and they can access customer or business-related information from a computer or external login, educating them about cyberattacks is important. Here are some points to share:
- Don’t click on links in an email unless you know they’re legitimate. Hover your mouse over the link to see the link destination – it could show a different URL or email address.
- If there’s a concerning email, share information about the email with the team. This ensures everyone is aware about a potential scam.
- For information which needs to be accessed off-site, use a secure network. Public WiFi can be easily hacked.
- Change passwords on a regular basis. If employees have multiple logins, you could look into software programs which manage and store this type of information.
- Make frequent backup copies of important data and keep at least one backup off site.
If an employee makes an error and accidentally downloads a virus, customers could sue if their information is compromised. Cyber insurance could help with these expenses.
For business purposes, do you use laptops?
If laptops are used by you or your employees to access company-related information, it’s important to take the following measures:
- Keep the laptop in a safe and secure location. If it’s easily viewed, such as on a car seat, it could be stolen. If this happened, computer data could be compromised.
- Encrypt all data. When you encrypt files, it means a password is needed in order to read the information. The information is unreadable without the password.
- Access information from a secure network. Public WiFi may be convenient, but your information is at risk because it’s an unsecure network.
Answering your questions
I have business liability insurance. Why won’t this cover cyberattack costs?
Business insurance and cyber insurance are two different insurance coverages. “Business insurance” can refer to a third party liability. This means if your business caused bodily injury or property damage to a third party, such as a client, you could be sued. The result of cyberattacks isn’t covered by business insurance. This is why cyber insurance is important.
If I can’t access my computer because it’s hacked will cyber insurance cover the cost of my lost revenue?
This situation would fall under business interruption insurance, which can be added to a business insurance policy. However, be sure to ask your BrokerLink broker about this – some cyber insurance policies may cover business interruption.
To cover my main exposures, what type of business insurance should I get?
This is where our commercial insurance experts can give you more information and expertise. They’ll tailor the coverage so it’s specific to the needs of your business.
Get more information
Our commercial insurance experts understand you face as a business owner, and, insurance coverages which could help. Give them a call to learn how cyber insurance could benefit your business and details about the coverage.