Cyber-attacks: The growing threat for Sussex businesses that isn’t going away
8th July 2024
Author EditorPosted on Categories Finance
Half of UK businesses and a third of charities have reported a cybersecurity attack or breach in the last 12 months – and the numbers continue to rise.
The world of digital is moving faster than ever. In just 40 years, we’ve gone from Tetris being a revelation to self-driving cars becoming the latest captivation. But as much as technology might make our lives easier, it comes with a price. We catch up with Managing Partner of Preston Insurance Brokers, Noel Preston, to get serious about cyber insurance.
How many cyber-attacks occur every year in the UK?
I thought you’d ask this question, so I’ve come prepared with some figures. So far this year, UK businesses have been the target for 7.78 million cyber-attacks. That accounts for 50% of businesses, with the average cost of each attack costing £3,230. Despite those figures, only four in ten businesses have cyber insurance.
So, how has the demand for cyber insurance changed over the past 12 months?
When cybersecurity was first introduced to our vocabulary, a lot of coverage was focused on protecting corporates and global organisations. But with the pandemic remodelling our ways of working, the demand for cyber insurance continues to grow in the small business sector. Not only is this due to a greater awareness of digital threats, but it’s also because cybercriminals often look for the point of least resistance – which is sadly small businesses.
What does cyber insurance cover?
It will depend on your policy, but in most cases it will cover a direct (or first party) financial loss to you or your business caused by a cyber-attack. This might include security and privacy breach costs, damage to digital assets, business interruption, liability costs, and post-incident support.
Sounds like there’s a lot of digital threats out there. How can a business be certain they’re covered for any eventuality?
There will be some business owners out there who’ll use a quote-and-buy engine to arrange their policy. Although this is a fast and convenient service, it doesn’t get under the bonnet of a business to assess every possible scenario. Data breaches, restoration of computer systems, extortion payments demanded by hackers – every angle needs to be considered when preparing a policy. And that’s only possible by understanding the business.
Okay, and how much does cyber insurance cost?
It all depends on the size and nature of your business, as well as how much data you store. The more you store, the bigger target you become for cybercriminals which means you’re a greater risk to insurers. That said, there are several actions you can take to potentially reduce your premium. Becoming Cyber Essentials certified, implementing Endpoint Detection and Response (EDR), and incorporating secure backups to name but a few.
Hold up, you mentioned ‘Cyber Essentials’. What is that?
Cyber Essentials is a government-backed scheme to guide businesses in protecting themselves against cyber threats. There are two levels of accreditation available: ‘Cyber Essentials’ and ‘Cyber Essentials Plus’. Both offer a range of security controls, from patch management and malware protection to boundary firewalls and internet gateways. For most insurers, it’s a mandatory requirement to have Cyber Essentials certification.
Fingers crossed it never happens, but how can an insurance company help me during (or after) a cyber-attack?
The support will vary, but most insurers will respond quickly to the immediate effects, restoring systems and data while seeking ways to minimise disruption to your business. Other types of support might include IT forensic services, legal assistance and public relations support. If your business experiences a data breach, there may be a settlement of claims to customers and other parties which is normally covered by your policy.
Okay, and how much cyber insurance do I actually need?
You need enough protection to cover the hardware and software of your IT infrastructure. The more software you have, the more data you’ll need to restore. And the more hardware you have, the more likely you’ll need to make repairs and replacements. It also comes down to assessing whether your business could survive without a website, email or access to systems. Although most businesses probably could’ve survived without digital 30 or 40 years ago, I doubt that would be the case today.
If you want to learn more about Preston Insurance Brokers and how they support businesses across Sussex, London, Reading and beyond, scan the QR code. Right, back to Tetris.