Shutdowns by Cyberattacks Can be Devastating
WHY THIS MATTERS
A cyberattack can be financially devastating, threatening the very existence of your business due to a shutdown.
Have you considered investing in insurance for cyber-related business interruption (BI)?
This proactive investment in your business may be the difference-maker in whether you survive a cyberattack that shuts down your operations.
Since BI coverage is not standard in all cyber insurance policies, you need to confirm this coverage with your specialist cyber insurance broker.
BUSINESS INTERRUPTION DUE TO A CYBERATTACK
Business interruption (BI) covers loss of income after a disaster impacts a business.
For example, think of a fire at a manufacturing plant. After the fire, the plant continues to have rent and payroll expenses to stay in business. However, the plant is unable to generate revenue because the fire has impacted its operations. Without income, the plant may be unable to cover its expenses. Business interruption insurance would cover the loss of income, making it possible for the plant to continue to cover expenses until the plant begins to operate and produce products.
Suppose you suffer a security breach and do not have cyber insurance that covers cyber-related BI? In that case, your business may face a costly shutdown and the loss of valuable data – the worst-case scenario being a threat to the financial survival of your business.
Some of the industry sectors hardest hit by BI include retail, manufacturing, and general services. Businesses of all sizes and types should consider investing in comprehensive stand-alone cyber insurance with BI coverage, giving your business the ability to survive and bounce back from a cyberattack (data assets, customer retention, and balance sheet protection).
Cybercriminals are adept at exploiting security weaknesses in networks and computer systems. Your business may be crippled or completely halted via:
- Ransomware attacks encrypt your data or threaten to disclose sensitive data until you pay the ransom.
- Distributed denial of service (DDoS) attacks overwhelm the bandwidth on your website (or that of one of your providers), making the website service inaccessible to users.
Unfortunately, companies with weaknesses in cyber risk management may not be able to prevent an attack, detect a problem, or mitigate the risk once discovered, which increases the length and cost of BI.
HOLISTIC CYBER RISK MANAGEMENT INCLUDES CYBER INSURANCE
The 10th annual Information Security and Cyber Risk Management Survey from Advisen Ltd. and Zurich North America revealed the primary message is that cyber insurance is here to stay and growing in value every day for insured organizations. The survey looks at how corporate risk managers and insurance buyers view the cyber risk landscape.
More survey respondents than ever say they carry cyber coverage (nearly 80 percent), up from 34 percent in 2011. The results illustrate where buyers see the most value in their cyber insurance and make it clear that cyber insurance is no longer a luxury item, even amid a hardening insurance market and the COVID-19 pandemic.
According to the survey, buyers understand cyber risks and coverage better these days, but results indicate the need to improve risk assessments and employee training.
Survey results indicate:
- More than a third of respondents only assess cyber risks and provide training annually, indicating potential security gaps.
- Sixty percent of respondents feel "extremely prepared" or "prepared" to respond to a ransomware event.
- Respondents viewed business interruption as the worst possible result of a ransomware attack, followed by reputational harm.
HOLISTIC CYBER RISK MANAGEMENT INCLUDES CYBER HYGIENE
Here are some action steps for good cyber hygiene:
- Create a formal, documented risk management plan that:
- Addresses the scope, roles, responsibilities, compliance criteria, and methodology for performing cyberattack risk assessments
- Logs all systems used, their functions, and where data is stored (including backups)
- Implement cyber defenses, including firewalls, anti-virus protection, and routers (changing default passwords) and software updates and patching for operating systems and applications
- Conduct employee cyber risk awareness training regarding malware risk via hyperlinks in phishing emails and text messages
- Enforce unique password updates and schedules
- Restrict access to company data (as appropriate)
- Restrict the ability to install software
- Enforce videoconferencing security settings and passwords
- Invest in robust stand-alone cyber insurance.
CYBER-RELATED BUSINESS INTERRUPTION COVERAGE
Keep in mind that traditional commercial property insurance does not cover cyber-related BI after a cyberattack. Also, cyber insurance policies vary -- which means you need to confirm coverages with your specialist cyber insurance broker.
Typically, a robust cyber insurance policy covers the policyholder's income -- net profit before taxes – that the business would have earned if it had no BI as a result of a cyber event.
BI losses typically include the costs associated with running the insured's business, including payroll expenses and the costs to reduce the income loss impact (extra expenses).
Most BI coverage has a designated waiting period that must elapse before a recovery is possible. Waiting periods essentially replace the policy retention (deductible) and are based on hours (ranging from a few hours to 24 or even 48 hours). The waiting period starts when the attack impacts operations (the beginning of the BI), and coverage applies to the loss incurred after the waiting period.
Most BI coverage has a restoration period that refers to the lost income covered period (ranging from 3 to 6 months or even a year).
Suppose a manufacturer is shut down for three weeks after ransomware or DDoS attack, but its sales decrease for over a year (due to reputational damage). In that case, some policies may provide reputational damage coverage. Again, you need to confirm this coverage with your specialist cyber insurance broker.
CONTINGENT BUSINESS INTERRUPTION COVERAGE
Contingent business interruption (CBI) (aka dependent business interruption (DBI)) reimburses lost profits and extra expenses resulting from an interruption of business at the premises of a customer or supplier.
In other words, security events or system failures outside of your company's control (your internet service provider) are considered CBI. For example, if your website becomes inaccessible for several hours due to an outage at your web hosting provider.
Keep in mind that contingent business interruption is not standard (and may have sub-limits), usually requiring a risk assessment of the suppliers concerned (often direct contractual partners of the insured rather than second or third level suppliers).
The need for CBI comes down to:
- How much your company's operations rely on an outside entity?
- How much would a long-term computer outage disrupt your operations?
- Whether you have an incident response plan or business continuity plan?
- Whether you have identified and documented all potential areas of loss and how you would recover?
- Be sure to confirm BI coverage and limits to account for your financial needs should your business experience a shutdown or reputational damage.
- CBI is less widely covered in cyber policies and may have sub-limits.
- Your business will do well to reach out to a specialist cyber insurance broker to help you acquire a Stand-Alone Cyber Insurance policy suited to your risk tolerance level.
Reach out to Cyber Armada Insurance to assist you with your comprehensive Stand-Alone Cyber Insurance needs. We understand the evolving cyber risks and the importance of your investment in appropriate cyber insurance.
Contact Cyber Armada today to explore how your company can solve potential financial losses from a cyberattack. Contact us at 888.727.6232.
Please watch for our series of articles on supply chain risk.