The huge cost of cyber crime

WHILE a growing number of businesses and even sole traders have adequately armed themselves with specific insurance against cyber-attacks, there are many companies that remain inadequately protected from the threat and consequences of cyber crime. Whether it is the excuse of “it will never happen to us” or possibly viewing it as an extra and unnecessary expense, the number of firms uninsured and therefore more exposed, is quite staggering.

At the time of writing, March 2023, a news story broke that a long-established high street name had suffered a major data breach – a classic cyber-attack. In this case it was an information “hack” on employees rather than customers, and the press statement from the business in question clearly stated that they took cyber security seriously and an investigation was underway, so we can only hope that the level of insurance reflects this. It’s not the first time that a “successful” cyber-attack has come to light. From reports that a major sports and leisure name recently had up to 10 million customer names and account details stolen1, to the most concerning, far-reaching data invasions on the NHS, cyber crime is a constant, rather than a rarity.

The mining of personal and financial data to use as a digital ransom note is only one aspect of cyber crime. Equally common are the attacks that can render computer system hardware and software unusable. And that risk is very real. Whether you simply allow your staff to use the internet at work, have a small website for your business, keep customer and supplier records backed up on a computer, or oversee a growing network of linked laptops, there is potential for a malicious cyberattack.

The most advanced anti-virus software and crack IT teams can offer a decent level of protection against cyber crime, but over in “crime land” there are some big brains and scarily powerful forms of software attempting to weaken and invade, breaking through even the strongest defences. It’s a neverending game of cat and mouse – made worse as the perpetrators are pretty much an invisible force and the consequences can be huge in terms of expense, reputational damage control, disruption to business, legal ramifications, and a loss of trust from those directly affected.

Let’s be frank. Cyber insurance is NOT a guarantee against cyber crime happening (we only wish it were), but it does afford you and your business protection and peace of mind if there is an attack, such as the ones we’ve outlined above.

Latest research suggests that if you’re a small or medium-sized enterprise, there’s around a 50 per cent chance that you’ll experience some sort of cyber security breach2

Picture this. You’re the director of an online beauty business. It’s doing well, and you currently have an employee base of 60 and around 20,000 customers on your mailing list. And you’ve had decent press coverage for your Vegan face creams. Just as you’re ramping up for a profitable Christmas, you’re hit by a malware attack. This may be a deliberately planted software virus or possibly spyware, but you know you’ve been compromised, and Christmas isn’t looking nearly as merry or lucrative.

It’s not just the time to undo the damage and get back online, it’s the wider repercussions – which, without decent cyber insurance, you may not be able to bounce back from. For an SME, estimated costs alone could be anywhere between £35k-£65k – which is a lot of unexpected finance to find.

Cyber insurance is not so much a weapon, but a necessary defensive shield. You may find that you need to use this in the event of a stolen mobile phone or laptop, or it could be the widespread infiltration of a large network of devices. Neither scenario is good news, but targeted insurance cover lessens the impact on all fronts.

Aston Lark’s Cyber Risk Protection insurance goes beyond cover for the calamitous possibility of that network breach; we also provide legal and PR advice should the worst happen, and cyber-awareness training, so you and your team can be as prepared as possible for an attack.

One last thing. In many reported cases of a cyber incident, it’s human error that’s the cause rather than malicious intent. So, you’ll be reassured to know we cover that as well.

Bolster your IT defences against the outcome of a cyber-attack by filling out a quote request form here or calling our cyber insurance team on 020 8633 8436.