Connecting your business to the internet could be seen as similar to opening a window in your house and then going to the shops – leaving a ‘window’ of opportunity open for criminals.
UK businesses have seen a 22% increase in cybercrime in the last 12 months, according to Get Safe Online. These cyberattacks are reported to have cost more than £1bn in losses.
You might already have protected your business from unexpected bumps in the road with Business Interruption Insurance, but will this cover you against cybercrime?
What is Business Interruption Insurance?
Business Interruption Insurance can help with the financial ramifications of not being able to operate business-as-usual for a period of time.
These ‘interruptions’ would typically be fire, flood or theft – unforeseen circumstances and emergencies that left a business unable to use its office or equipment. The problems could be IT related, for example, or due to a third party issue, such as a gas leak further down the street which led to your office being evacuated.
As well as helping cover the costs of lost business caused by the emergency, this form of insurance can also help curb the costs incurred, for example, helping to cover unexpected expenditures, such as a temporary office location or replacement equipment.
Is cybercrime covered?
If your business holds customer data – particularly sensitive data such as bank information and addresses – processes payments, or uses IT systems that are essential to the way it conducts its business, then it might also be worth considering Cyber Insurance.
While large multinational organisations often have a team of specialists at their beck and call, SMEs are often expected to get to grips with the risks themselves, meaning that there are limitations as to how effectively they are able to understand the potential pitfalls.
A standard Business Interruption policy won’t cover cybercrime if nothing is physically damaged in the attack, meaning that a company could be leaving itself open to problems if it doesn’t invest in a more conclusive policy.
If the business is online too – and sells products or services on the internet, then there is a whole selection of liabilities and risks which it is exposed to which wouldn’t typically be covered by a Business Interruption policy.
Cybercrime – how can you protect yourself?
Cybercrime is a hot topic – the Cyber Risk Survey Report 2016 revealed that 81% of larger companies and 60% of SMEs were affected by a cyberattack in 2014.
Policies for SMEs would typically cover damages in the region of £100k to £5 million, although if you feel there is more at risk, there are speciality policies which cover higher amounts. The effects can be costly – TalkTalk’s hack in October last year is thought to have cost the company around £60m and led to the loss of 100,000 customers.
Pitfalls from cyber-attacks could include things such as potential service interruption and the theft of customer data from your servers, which if known to the public could cause a costly hit to a company’s reputation. If you trade online, for example, an interruption in service due to cyberattack would have a significant effect on your profits because customers would not be able to make orders while the site was down.
An evolving sector
As far as insurance is concerned, this is still a very young area. But experts are reminding policyholders to ensure that they take out the right policy for their business and its unique potential cyber risks.
16th century clergyman Joseph Hall once said, “A reputation once broken may possibly be repaired, but the world will always keep their eyes on the spot where the crack was.” It’s the same with cyberattacks – once a company has been targeted and admitted fault, its reputation takes a hit. This reputation damage can have a significant ‘cost’ to the business, so it’s important to bear this in mind when taking out coverage.
What other insurance might you need?
As well as protecting a business against the possibility of business interruption and cyberattack, it’s also worth considering liability. Liability Insurance could cover anything a business owner or employees might do which could cause harm to others.
This could go hand-in-hand with cyber insurance because it’s possible, for example, that an employee’s negligence could be responsible for a data leak.
Brokers need to make sure that they are up to speed on the industry trends and emerging issues so that they can correctly advise clients on the best policy for their needs.