In today’s digital world, any business connected to the internet is at risk to a cyberattack. A recent Stats Canada survey reported that more than one in five Canadian companies were cyberattacked last year. “Canadian businesses continue to rapidly embrace the internet and digital technologies,” the agency said, “which exposes them to greater cybersecurity risks and threats.”
What is a Cyberattack?
According to Cisco, a cyber attack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization in order to seeks some type of benefit or to disrupt their network. The attacker relies on a business’ vulnerable business system.
Third parties can attack or “hack’ your system in many ways including:
- Exploits – programs that find flaws in your security software
- Malware – software designed to gather information, destroy or encrypt a network
- Phishing – sending emails to employees that include links. Once clicked, gaining access to your network or corrupting your system
If you sell products on-line, use on-line tools to collect memberships, use the internet to fundraise or electronically store your customers’ information, a breach is quite possible and it can be very costly.
Recent changes to Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) have made breach notifications mandatory. If a business suffers a data breach, they’re now legally required to notify everyone that was impacted.
The cost and time sending out notifications to those impacted, dealing with possible legal issues and the PR needed to repair a business’ reputation can quickly add up. According to Kaspersky Lab, the average cost of a data breach for a small to medium-sized business in Canada has now increased to $149,000 - up 27% from last year.
Cyber insurance is a relatively new type of insurance coverage designed for businesses. While it’s not designed to prevent an attack (that’s the responsibility of cybersecurity software and hardware), it will support a business when their network has been breached
A Cyber Insurance policy will typically cover:
- Investigation: a forensic investigation to determine what happened, how to repair the damage and how to prevent it from happening again
- Business losses: the losses sustained through network downtime and data recovery
- Privacy & Notification: notifying clients and other affected parties of the breach. Possible credit monitoring for customers who were affected
- Lawsuits: legal expenses when confidential information has been released including settlements and possible fines
- Extortion: ransom demands from hackers.
Don’t wait until it’s too late.