Almost 90% of small businesses have no insurance that covers them for cyber crime according to a new survey by PolicyBee and yet one in three small businesses suffered a cyber attack in 2018. It can vary from malware and phishing, we saw ransomware attacks such as wannacry and more recently this year we’ve seen hackers changing payment details on eBay where merchants have collectively lost hundreds of thousands of pounds in real money.
Often a cyber attack itself isn’t the end of the problem, there’s also the clean up cost of rebuilding data and ensuring that systems are secure. Let’s also not forget that with GDPR there’s a reputation issue if you have to declare a data loss and the cost of informing all previous clients that their data may have been compromised.
There are steps you can take to ensure your business is protected – keeping all software up to date with the latest patches, backing up data regularly and encrypting data where possible as well as robust password policies all make sense. Perhaps just as important is awareness of social engineering and ensurting that your staff are trained to be aware of malicious links in email and don’t inadvertently click a link opening up a back door into your operations.
According to PolicyBee’s research, 86% of small businesses think an attack of some kind is likely, that’s up from just 23% is 2017, but almost 40% still haven’t taken action or put any additional measures in place.
Questions you should ask yourself are things like do you have a back up plan in place if you lost all your data, or are you relying on marketplaces as your back up? What if all your listings were wiped out overnight – could you rebuild them if they’re no longer live on a marketplace. Do you store customer data and if so have you a GDPR policy in place and how secure is the customer data? Is it encrypted and backed up and do you have the encryption keys backed up?
Many online businesses still have standard business insurance which doesn’t come close to covering risks of trading online. If that’s you then it’s worth considering changing provider or taking out an additional policy specifically to cover a potential cyber attack. There’s no point insuring your warehouse from burning down but at the same time ignoring the fact that a few clicks by a hacker could also wipe out your business overnight. Check your policy to see what it covers and if it includes cyber insurance.