Do you really need cyber insurance? Find out the risk of leaning heavily on your policy & why cybersecurity risks warrant a more comprehensive strategy.
Today, over 85% of business assets are no longer machinery, vehicles or even computers. Our assets are digital: customer transactions, patient visit histories, financial records for millions of people. And unlike a break-in where they steal your laptops, cybercrime that targets the bulk of our assets can be perpetuated from anywhere around the world.
As a result, businesses lost an estimated $23 million in 2018 to cybercrime, but the loss of your digital assets is hard to quantify. Cyber insurance has stepped in to meet a pressing need. But do you need cyber insurance? And how is cybersecurity insurance re-shaping the situation?
Detroit IT services professional, Chuck Lobert from Vision Computer Solutions helps business owners understand the importance of cyber liability insurance.
The Stance of the Business Community
Given the risks, businesses in the US, Japan and Western Europe, some most targeted areas, are increasingly seeing the value in cyber insurance. It’s become a necessity. And the number of businesses who don’t know their cybersecurity risks or that cyber insurance exists has fallen sharply.
In 2017, only 34% of businesses had this insurance. Today that number is closer to 83%. But despite the great strides taken only around 30% of small businesses have insurance, showing we have some work to do on education. That’s because this doesn’t align with reality. A 2019 report showed 58% of small businesses have experienced an attack in the last year.
So do you need cybersecurity insurance? Yes. But it’s important to consider the whole picture.
The Unintended Consequences of Cyber Insurance
This goes for any kind of insurance. We carry insurance to help manage risks greater than we can self-insure. But insurance separates an individual or business from the “pain” caused by an event. If we’re talking about health insurance, that might mean going to the doctor when you don’t need to or not worrying about the cost of a covered drug or procedure. In the world of cyber insurance, it might be getting lax on cybersecurity because you know you’re protected.
This fact is demonstrated by the 2019 Marsh and Microsoft survey. It showed that businesses are confident that insurance will pay out if they’re attacked. Aside from premium rises, this disincentivizes taking comprehensive measures in the first place. And in business, we all know what happens when you disincentivize people.
On top of that, you better believe that cybercriminals know which companies have insurance. The Marsh report highlights the concern that those with insurance are now more frequent and softer targets. That makes cybercrime even more lucrative for the criminal, funding their operations and enhancing their abilities.
We must realize that cyber insurance is only part of the solution.
One Piece of the Puzzle
We need comprehensive ways to address our cybersecurity risks. Insurance is a part of that equation, but so are things like:
- Password security
- Employee education
- Cybersecurity technology
- Business continuity planning
When these are in place, the less you actually need to use your insurance. Bad actors become less and less likely to attack you because earlier attacks were not successful. Your premiums stay low. Cybercrime becomes less lucrative all the way around, and we all win.
To learn more about cybersecurity and managing your business technology, contact your local managed IT services company.