How to assess your business’ risk of cyber attack

When it comes to cyber attack, the question is not so much ‘could it happen to your business?’ as ‘when will it happen?’ 2019 figures reveal cyber criminals are increasingly targeting UK businesses with over half reporting at least one cyber attack.

 

And it’s not just large online businesses that are being hit. In the UK, a small business is successfully hacked every 19 seconds, according to Hiscox. And yet British firms are still underprepared, with three quarters ranked ‘novices’ in terms of cyber readiness.

We’ve put together this guide so you can:

  • Work out your risk of attack.
  • Find out what you can do to stop it.
  • Discover how cyber-attack insurance can help protect your business financially.

 

What is a cyber attack?

Cyberattack is a sophisticated type of organised crime that targets businesses of all sizes and types.

 

Cyber attacks can take many forms:

  • Your data security can be breached. When this happens, the personal or financial information of your customers can be stolen. This could leave your business liable to pay compensation or fines for breaching data rules.
  • A ransomware attack can disable your network. When this happens, there could be hours, days, or even longer when your business cannot function. This can have severe implications for cash flow.
  • An attacker can gain access to your network to make changes to information or send messages. With access to your emails, they can impersonate your business asking your commercial customers to make payments to an alternative bank account. It also gives the attacker access to your intellectual property, which could be very damaging to your business.

Bear in mind, if your suppliers fall foul of a cyberattack, it can also have a significant impact on your business. If they are unable to trade for a period of time, it could have significant repercussions for your supply chain and business. And watch out if you outsource services involving data. For example, if you use a direct mailing agency and your customer data is breached at their end, you could still be held responsible.

 

Is my business at risk of a cyber attack?

Unfortunately, all UK businesses and charities are at risk of a cyber attack. Companies that handle personal data, for example, online stores, are at high risk. But as thieves can make money from all types of data breaches, every business must take steps to protect themselves.

The stats show that your business is most at risk of a cyber attack if it is large or medium-sized:

  • 61% of large companies reported an attack in 2019.
  • 60% of medium-sized businesses reported an attack in 2019.

Cyber attack is also a genuine threat for high-income charities, with 52% being targeted.

 

How much can a cyber attack cost my business?

The average cost of cyber attack to UK business is £4,180, and the figure is over twice as high for UK charities. That’s because not all breaches or attacks result in a loss of money or data. In the case of a successful attack, the costs can be very high. For example, the BBC reports how one firm lost £45million in a global ransomware attack.

The financial damage varies depending on your business type and what sort of breach occurs. The cost of clearing up includes:

  • Compensating customers who have had data stolen.
  • The fines that must be paid under data protection laws.
  • Damage to your business’ reputation.

 

How can I prevent data breaches and attacks?

So what can you do to prevent a cyber attack? The first step is to carry out a cyber security risk assessment. This will identify potential risks and enable effective planning. You’ll also need to review and update this risk assessment regularly as new changes to your business, and new threats could impact.

 

What about GDPR?

The EU’s General Data Protection Regulation (GDPR) is designed to improve data security. This legislation requires all organisations to carry out data protection impact assessments for the riskiest uses of personal data. It means that companies must ‘continuously’ identify risks that could put personal data at risk. The government has already stated that this regulation will continue to be enforced after Brexit.

 


What is cyber-attack insurance?

Even with the best controls in place, firms can still find themselves at the mercy of an attack. Cyber attack insurance, also known as cyber liability insurance, covers you financially if your business is struck. It gives you peace of mind that you will be able to cover the costs of suffering a security breach, including:

  • The price of recovering lost data.
  • The costs of compensating customers who have suffered loss as a result of a data breach.
  • Any other costs of managing a crisis situation caused by cybercrime.

In the government’s recent report, businesses also highlighted other reasons for taking out cyber attack insurance. These included:

  • Taking out insurance to demonstrate to business clients that cybersecurity is something that is taken seriously.
  • To access an expert breach management team that can help the business to manage reputational damage more effectively.

 

How much does insurance cost?

The cost of cyber attack insurance will vary according to the size and type of your business and the level of protection that is required. It could cost less than you think. For example, the government’s Cyber Security Breaches Survey reports that the cost of cybersecurity insurance has gone down in the last couple of years.

For many firms, the most critical factor is not the cost, but what’s included and what is not. If you don’t check the small print, you could find your business exposed to significant risk. Use an experienced, specialist insurance broker, like Park Insurance, to guide you towards insurance you can count on.

Getting the best price on cyber-attack insurance

We know that every firm is different. You should look for coverage that can be tailored to your needs. That way you can be sure that you’re fully covered, but you’re not paying for anything you don’t need.

You can call our expert team at Park Insurance for free advice on cyber liability insurance. Firstly, we understand the risks you face and know exactly what will give you the peace of mind you need. As a family-run independent broker, we can shop around to find you the best price. And if anything does go wrong, you can rest assured that our helpful team will handle your claim for you. And that means you’ll have one less thing to think about. Call us on 0117 9556835 or get in touch.

NB: This article was originally published in January 2018 but has since been completely updated to provide you with the best and most accurate information