Businesses of all sizes face the daily threat of falling victim to cyberattacks. While it's more common to hear stories about major corporations suffering data breaches, small businesses can be easy targets for hackers.
What happens after a cyberattack?
Companies that are victims of cyberattacks need to ensure they understand how to respond properly to the incident. It's important to take action right away to help minimize the damage, including these steps:
Containing and assessing the breach
Determining what servers were compromised in the cyberattack helps to contain them as quickly as possible. It's vital to keep any other servers and devices from becoming infected or breached, and quick containment also helps preserve critical evidence for assessing what happened and who was responsible. Contain the breach by disconnecting the internet, disabling remote access and maintaining any firewall settings. If there are any pending security patches or updates, install them immediately. Passwords should also be changed with a global password reset, and all employees should create new, strong passwords for each of their accounts.
Once the breach has been contained, it's important to determine the cause to try to prevent another attack from happening in the future. Determine who had access to the affected servers and what network connections were active at the time of the incident. Checking security data logs through antivirus protection software or email and firewall providers may help pinpoint where the breach was initiated. It's also important to identify who was affected by the breach and to educate employees on the company's security protocols. These steps are vital to help avoid becoming a victim of another data breach.
Utilizing the data breach response plan and contacting the insurance carrier
A data breach response plan helps businesses respond appropriately to a cyberattack by providing the proper procedures to take in a straightforward, documented manner. It should establish a baseline with existing security policies, which can be used as a framework for the plan. Elements of the policy generally include information on how to protect confidential data, instructions for the secure use of personal and company devices, how to detect malicious email scams or viruses, and more. These factors are all vital in helping to avoid a data breach in the first place.
The plan should also include information about what defines a data breach requiring a response, a designated response team, and the types of messaging and communication methods to be employed.
If the business has a cyber insurance policy, the carrier should be contacted as soon as possible to get the claims process started. The claims professionals are able to connect insureds with vetted vendors who are experienced in handling privacy breach incidents. Notifying the carrier right away helps ensure that costs can be reviewed for approval by the carrier, avoiding misinterpretation of what the cyber policy covers.
What does cyber insurance cover?
Today, many, if not all, businesses use computers and other devices connected to the internet to complete daily tasks. While these devices certainly make doing business faster and easier, using computers and the internet brings an inherent cyber risk that can threaten a company's entire operation.
However, many businesses may not realize they need cyber insurance or may not understand exactly what it covers – one survey found that 91% of small business owners do not have cyber insurance for this very reason. It's common for small businesses to think their other policies – property, liability, business interruption – cover cyber-related incidents. Still, often those policies do not explicitly include or exclude cyber, leaving coverage in a grey area. The best way an organization can protect itself is to have a cyber insurance policy, especially considering any organization, from large corporations to mom and pop hardware stores and school districts, can be regularly hit by cyberattacks.
Cyber insurance, or cyber liability insurance, often provides coverage for certain losses incurred from data breaches and can help protect companies from a range of cyberattacks. The extent of cyber liability coverage will vary depending on the industry, the type of business and its specific needs. At a minimum, cyber insurance helps companies comply with state regulations that require a business to notify customers of a data breach involving personally identifiable information (PII).
Research shows that the cost of a data breach for a company with fewer than 500 employees has increased from $2.35 million in 2020 to $2.98 million in 2021. A typical cyber insurance policy looks to cover the following costs:
- Data breach investigation
- Data, systems and websites restoration
- Ransomware payments and remediation
- Income loss for business interruption
- Expenses and income loss should a supplier experience a cyberattack
- Restoring reputation and customer relationships
- Cyber incident response, including legal fees, notifying affected individuals, public relations and more
- Regulatory fines imposed by governmental agencies
- Media liability for lawsuits involving libel, defamation, slander, copyright infringement, violation of privacy, plagiarism, etc.
- Misdirected payment assistance resulting from a compromised business email account
How does cyber insurance benefit small businesses?
Small businesses are often a target for cybersecurity attacks. However, many business owners may believe that their information is not worth stealing or simply that "it won't happen to me." Smaller organizations should keep in mind that they still hold data many cybercriminals are after, such as employee and customer information, bank and credit card data and more. Any company that relies on technology such as email, keeps records filed electronically, and uses computers, phones and/or tablets, could benefit from a cyber insurance policy.
Cybercriminals also know that many small businesses lack the resources larger corporations have in place to protect their sensitive data. Cyber insurance often comes with complimentary services to help protect a small business from falling victim to a data breach. These services include having access to counsel from cybersecurity experts, cybersecurity education and training for employees, and scanning systems for potential vulnerabilities. In other words, a cyber insurance policy can provide many levels of protection that a small business needs to reduce its chances of suffering a breach.
Small business owners should be aware that the premiums on a cyber insurance policy designed to support their business's unique risks and budget will cost a fraction of the amount the company could spend recovering from a cyberattack. Maintaining cyber insurance will help keep the business operational after an attack, and it also demonstrates to customers that their well-being and privacy are top of mind.
Cyber insurance will not stop a data breach from occurring. However, a cyber policy provides the peace of mind small business owners need that a cyberattack will not result in the closing of their doors permanently.