The Growing Threat of Cyber Attack
A cyber attack can take many forms, and businesses of all types and sizes are at risk. You may remember one of the worst data breaches on record when in 2017, credit bureau Equifax exposed the personal data and social security numbers of up to 145 million people and cost the company upwards of $700 million in penalties and compensation. That may be an extreme example, but according to a 2018 study by the Insurance Information Institute (I.I.I.) and J.D. Power, one in ten U.S. small businesses (most with fewer than 50 employees), had been affected by a cyber incident, but only 31 percent of them have cyber insurance. The average loss of these breaches was $188,400. Moreover, half of confirmed data breaches target small business and 60% of these fail within six months of the breach.
These types of attacks on small businesses can range in scope and damage; from hacked email accounts, to unauthorized wire transfers and credit card fraud, to personal data breaches and identity theft.
Consider these real-life cyber claim scenarios:
- A residential contractor became the victim of a social engineering attack and wired $35,000 to criminals after receiving fraudulent instructions, believing them to be a vendor.
- An employee of a professional services firm had a laptop stolen during a work conference. The laptop contained sensitive client information. The computer was password protected but information was not encrypted. The incident cost the firm more than $20,000 in forensics and notification expenses.
- A restaurant in Washington was notified of a breach by MasterCard due to a high level of fraud committed on customer credit cards who patronized their business. They were required to immediately undergo a forensic examination, costing $11,646.90. Six months later, MasterCard fined the restaurant $26,242 for Fraud Recovery along with an $8,000 Case Management Fee. Two months after that, Visa assessed a non-compliance fine for $5,000. The restaurant had a total cost of $50,888.90 due to this breach.
Sean Kevelighan, CEO of I.I.I. says "Understanding your business' risks and taking proper precautions means a small business can spend more time charting its progress than responding to unforeseen emergencies. In particular, the growing threat of cyber intrusion on small businesses is growing rapidly."
October is National Cyber Security Awareness Month. Have you considered your risks as a landlord? Do you communicate with tenants by email? Collect rent through a digital platform? Rely on online resources for tenant screening?
What does cyber insurance cover?
- The cost to respond and recover from a data breach - This includes legal fees and fines or penalties, as well as expenses related to: forensic examination or investigation, data recovery, notification of those affected by a breach, crisis management, and public relations.
- Recovery of funds stolen electronically or through fraudulent instructions
- Ransom payment if your computer(s) is/are encrypted.
- Business interruption losses related to expenses or lost revenue resulting from a breached system.
Why do you need to consider cyber insurance?
Almost every business stores or collects sensitive data, and is legally responsible for protecting any information collected. As a landlord or property manager, you may manage tenant leases, background checks and collect rent through an online system. If you are a lender, you store personal information about your clients. Flippers may pay contractors through wire transfers. Most certainly, you rely on a computer system or network to conduct day-to-day business using email and web browsing.
These tools and practices are crucial to profitably and efficiently managing your business, but leave you open to a potential breach. Through North American Data Security RPG, you just answer a few simple questions to qualify and enroll immediately. The platform also offers an education risk module and access to a 24/7 breach response team.
Learn more about cyber insurance available through National Real Estate Insurance Group here.