UK small businesses are underestimating the impact a cyber-attack could have on their reputation and must take steps to protect it according to the findings of the Small Business Reputation and the Cyber Risk report launched in February by the Government’s Cyber Streetwise campaign and KPMG.
UK SME’s are also unlikely to escape the grasp of the recently passed EU General Data Protection Regulation (GDPR), despite the recent Brexit vote.
The GDPR is due to come into force in early 2018. After that, firms which fail to comply with the new regulations will be subject to fines up to $20m (£15.4m) or 4% of turnover, whichever is greater.
This will put cyber insurance at the same level of importance as motor and employer’s liability insurance for many SME’s, especially those trading overseas.
Less than a third (29%) of small companies surveyed for the February Cyber Risk report that have not experienced a breach say the potential damage a cyber breach could cause is an ‘important’ consideration. However, 83% of consumers surveyed are now concerned about which businesses have access to their data and whether it is safe, and over half (58%) say that a cyber breach would discourage them from using a business in the future.
The impact on the SME’s surveyed who had experienced a breach was long lasting. One in four (26%) of those surveyed who have experienced a breach have been unable to grow in line with previous expectations, and almost a third (31%) said it took over six months for the business to get back on track.
Cyber risks are not faced just by e-commerce companies. Any company, which is reliant on computer networks, digital information or the internet, faces major cyber exposures. Most SME’s face some kind of exposure and in many cases traditional insurance policies may not respond to losses involving IT.
We can help you review your exposure to cyber risks and provide insurance solutions to protect your business. Cyber insurance can deliver protection for SME’s in many ways including;
- Third party and employee privacy liability for damages and claims expenses as a result of a privacy breach.
- Notification expenses to notify victims of privacy breaches.
- Forensic costs to contain a breach and carry out the necessary forensic audits following a breach.
- Payment Card Industry (PCI) fines.
- Multimedia Liability, Intellectual Property Infringements and Libel and Slander due to email or website content.
- Data/Electronic information loss: The costs to restore data that has been lost or corrupted.
- Indemnification for loss of revenue following unplanned system outage and increased cost of working.
- Cyber extortion coverage: Covers both the costs of investigation and the extortion demand amount related to a threat to commit a computer attack.
- Cyber terrorism coverage.
- Reputation coverage extension (in some cases).
Here at Creative Risk Solutions, we can help. Please contact our team to discuss further.