Tag Archive for: cyber security

man holding phone at computer with blue screen that says cyber security

the evolution of the cyber insurance market

in

Considering today’s digital world, cyber-attacks have become increasingly common over the past decade—and with more significant financial impact. Breaches including phishing emails, viruses, ransomware, or other malicious attempts can cost companies billions of dollars.

As a result, more businesses and organizations—both small and large—are investing in cyber insurance to avoid catastrophic losses and expenses—and we don’t blame them. However, the cyber insurance market itself has changed a bit as well. Let’s discuss the evolution of the cyber insurance market and where it is right now.

what is cyber insurance?

Cyber insurance is a policy that protects your “business’ liability for a data breach involving sensitive customer information.” This sensitive information might include:

  • Credit card numbers
  • Account numbers
  • Health records
  • Social security numbers
  • Driver’s license numbers
  • And more

Typically, cyber liability insurance covers network security and data privacy incidents, including first-party costs and third-party claims. Remember, no business—no matter how big or small—is safe from the threats of a cyber attack today.

Not quite on board yet? Check out the shocking cyber attack statistics from AAG below.

cyber attack statistics

Did you know…

  • There is a hacker attack every 39 seconds
  • 64% of companies have experienced web-based attacks; 62% experienced phishing and social engineering attacks; 59% of companies experienced malicious code and botnets
  • Since 2013, there are 3,809,448 records stolen from breaches every day
  • 43% of cyber-attacks target small business
  • Over 75% of the healthcare industry has been infected with malware over the last year

where is the cyber insurance market today?

Today, despite the increased need for cyber protection, organizations are faced with a difficult cyber insurance market. The market is characterized by:

  • Rapidly increasing losses
  • Non-renewal cases
  • Increased premiums
  • Coverage restrictions
  • And longer underwriting periods due to increased requirements

Infographic of the evolution of the cyber insurance market

how benchmark can help

The United States cyber insurance market, according to the National Association of Insurance Commissioners, expanded to $4.1 billion in direct premium in 2020, an increase of over 29% from 2019.

Our team at benchmark commercial insurance is understanding of today’s cyber insurance market—and is here as your partner to navigate insurance compliance around everyday business transactions, ensuring you have the right coverage for your risk tolerance.

Reach out to benchmark today to learn more about our dedication to providing global capabilities with our boutique experience.

all businesses need to mitigate risk with cyber insurance

I don’t have an online business, do I need cyber insurance?

in , ,

The insurance policies a business chooses is based on their specific business model. What works for one business may not work for another. One policy, however, lives as a baseline policy all businesses should have- cyber insurance

 

This rings true, especially in light of today’s tech-reliant world. Even businesses that do not operate online are not free from the dangers of a cyber attack. 

 

Furthermore, recent events regarding the ongoing Russian-Ukrainian War have the potential to impact all businesses and their cyber security in the United States. Cyber security risks are escalating, so let’s discuss more why even non-online businesses should invest in cyber insurance.

do all businesses need cyber insurance? 

Yes. All businesses need cyber insurance regardless of business type—especially in today’s digital environment. 

 

Even if your business is not an online business, cyber insurance helps mitigate risk. Cyber-attacks occur regularly (every 11 seconds in 2021), and can target individuals and businesses alike. No one is safe from the threat of a cyber attack – no matter the business model. 

 

Typically, attackers use the following tactics in a cyberattack:

  • Phishing 
  • Compromised/stolen devices
  • Credential theft 

 

General and professional liabilities may include basic cyber liability coverage, however, businesses that store personally identifiable information or any sensitive information for employees and customers should seek out further coverage. 

 

Data your business has (i.e. phone numbers, credit card numbers, social security numbers, and more) puts any business at risk for an attack.  

 

A report by Nerdwallet, “​​Among small businesses with fewer than 250 employees, the average reported cyberattack cost was about $25,600.”

 

Consider the following cyber attack statistics below before dismissing a cyber security policy for your business. 

 

  • Cybercriminals can penetrate 93% of company networks
  • In 2021, businesses suffered 50% more cyberattack attempts per week
  • Corporate cyber attacks increased by 50%
  • Small to medium-sized businesses are most commonly targetted   
  • 43% of cyber-attacks are targeted against small businesses 
  • 83% of small businesses are not financially prepared for a cyber attack

 

The threat of a data breach is here to stay. We here at benchmark have first-hand experience with what cyber attacks look like, and what to do to keep your business safe. Read on to learn how we mitigated a cyber attack against our vendor’s business. 

 

benchmark case story

A few years ago, our data vendor’s cloud server was hacked.  All of the vendor’s “mission-critical” information stored in the Cloud was breached (i.e. email servers, client databases, and more)- that included our sensitive information and the information of their other clients. 

 

The hacker asked for a ransom to not share all of the data and to return the data back to our vendor. 

 

Luckily, because the vendor had benchmark’s cyber insurance coverage, our office and all of the vendor’s clients came out unscathed. The cyber insurance covered the entire ransom the hacker was asking for– which meant our vendor was able to keep their data safe and unharmed. 

 

Our cyber insurance policy coverage protected our vendor, our business, and their clients from leaking private information. It also kept the vendor in business so they wouldn’t go bankrupt from paying the hacker’s ransom out of pocket. 

 

Read our next blog post for a complete guide to cyber insurance and why you need it. 

 

all businesses need cyber insurance

why email may be your biggest cyber risk

why email may be your biggest cyber risk

in

When you hear the word “cyber risk,” what do you think of?

If you think of Facebook or strangers sending sketchy links over text, you’re not alone. But, you are wrong.

In 2019, The FBI’s Internet Crime Complaint Center (IC3) reported that the losses for business email scams was $1.7 billion. So, your email might be your biggest cyber risk, what does that mean for you? Let’s break it down. 

BEC Scam 

The FBI defines a Business Email Compromise (BEC) scam as, “Also known as email account compromise (EAC) — is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business— both personal and professional.” 

They also list what BEC scams can often look like: 

  • “A vendor your company regularly deals with sends an invoice with an updated mailing address
  • A company CEO asks her assistant to purchase dozens of gift cards to send out at employee rewards. She asks for the serial numbers so she can email them out right away. 
  • A homeowner receives a message from his title company with instructions on how to wire his down payment.” 

The listed scenarios were all fake, and cost companies thousands (sometimes hundreds of thousands) of dollars. 

The rise in Cyber Security breaches has jump-started many companies into investing in cyber security insurance. This is a great way to protect yourself and your company, but there are preventative measures that can be taken. 

How to Avoid BEC or EAC Scams

There are some steps you can implement to avoid the financial downfall of a cyber attack. 

Company Policy

Set clear policies about what should be responded to within the company email. This also implies that the company email is not used for general things (for example, signing up for a clothing discount). Within company policy, there should be a rule for not sending personal passwords or information over email. 

Social Media

Social media has changed what a company might share with the world. The information that is shared with the public can be informative about the industry, but should NOT be stating that the whole company is out of the office for a day off. 

Employee Knowledge

Train your employees to look out for red flags in their inboxes. This could look like anything from emails from outside the company, to emails asking for personal information. Emails can be included in a broad cyber security training, considering their high-risk factor. 

Has the recent rain caused any alarm for flooding at your commercial property? Learn more about the surface water exclusion that is most likely a part of your property insurance.