Cyber insurance for businesses
December 8, 2022A government survey found that four out of ten British businesses in 2022 suffered some kind of cyber threat – and even this high percentage probably reflects a significant degree of under-reporting according to the official press release by the Department for Digital, Culture, Media, and Sport (DCMS) on the 11th of July 2022.
If you’ve never considered the need for cyber insurance for your business, now might be the time to do so. If you have already put cyber security measures in place, it’s probably time to review whether they are still as effective as necessary to combat today’s increased threats.
What is cyber insurance?
The Association of British Insurers (ABI) explains that cyber insurance is a financial services product designed to protect you and your business from losses arising from damage to or the loss of information from any of your systems for information technology (IT) and the networks you use.
The DCMS report of July 2022 also reveals the approximate cost to businesses of such cyber-attacks. Where there have been financial losses or the loss or corruption of data, the annual cost to the average business in the UK is estimated to be £4,200. Among medium and large businesses, the cost of that loss and damage amounts to £19,400 in an average year.
Allowing for the expected under-reporting of cyber-attacks on businesses generally, it is clear that substantial losses are incurred through cyber attacks and threats each year.
What does cyber insurance cover?
The principle of cyber insurance is just the same as that for any kind of general insurance – in the event of damage or loss, the insurance cover is there to re-establish the financial situation you enjoyed before that event. In other words, insurance compensates you for or indemnifies you against the losses incurred.
In the realm of cyber insurance, those losses are likely to relate to hostile intrusions into your IT systems and networks resulting in financial loss or damage to your business. The possibilities for such attacks are endless – and might range from the total collapse of all the computing systems on which your business relies to selective threats against, for example, confidential contact information and the personal details of your customers.
The combined losses of such hostile activity directed towards your systems and networks can reach substantial proportions – making the relatively modest cost of cyber insurance a more than worthwhile operating expense for any business.
Why do I need cyber insurance if I have cyber security?
Whether yours is a small to medium-sized enterprise (SME) or a large multinational company, you are almost certain to have considered at least some of the risks to which your business is exposed simply through your use of information technology.
The DCMS survey identified the extremely widespread digital exposure of British businesses:
- nine out of ten (92%) of all businesses, for example, rely on at least one IT function (whether that is an online bank account, a customer database, network-connected devices, or facilities for customers to place orders, reserve, or pay online);
- practically every business now also maintains its own website and email accounts for staff;
- network-connected devices – so-called “smart devices” including everything from entry alarms, building controls (such as heating and ventilation), speaker systems, and TVs – are increasing year on year, with more of them recorded in use by businesses in 2022 than ever before;
- although an increasing number of businesses now use Managed Service Providers (MSPs) – many of which incorporate cyber security measures in their services – businesses are typically less than interested in keeping MSPs up to the mark as far as security is concerned; and
- there are the wider vulnerabilities ushered into any business that allows or facilitates staff using their own personal devices for work purposes – the trend towards “bring your own device” (BYOD) – which is now prevalent in almost half (45%) of all businesses.
Summary
Businesses are increasingly reliant on the information technology they use and the connection of their own systems to wider networks. While that might be good for business efficiency, it also ushers in a growing threat of cyber-attacks.
Your defence against the loss and damage that may result from such attacks lies in the form of readily available and typically affordable cyber insurance. In the light of growing vulnerabilities in this area, you might want to check that your cyber security arrangements are up to date and that your cyber insurance is fit to manage and cover any potential losses.