“My business doesn’t have the type of information hackers want.” This seems to be a common mantra with many small to medium sized companies I have spoken with over the past few years. They are aware breaches are increasing, but feel their data is just not that valuable to a hacker. The hard fact is pretty much all data is valuable to a hacker. However, it is just not hackers that business owners need to be concerned about. Unintentional acts by employees still account for a very large number of the breaches on record. The recent live and print media reports are all about the Home Depot and Target type breaches. For every large breach like a Home Depot or a Target there are many smaller breaches occurring each day caused by hackers and employees involving only a few thousand records that fly below the radar. The lack of media attention leads many small business owners to think they are not a target. This gives a false sense of security which permeates the thinking of many small to medium sized businesses leaving them vulnerable to a breach.
The harsh fact is many businesses may have already had a breach and not know it until a customer, employee, regulator or an attorney shows up on their doorstep informing them of the possible breach. If it is subsequently determined that the business owner did have a breach and was aware of it, but did not make it known to the public for fear of reputational harm or brand damage, this can open them up to a long list of legal and regulatory problems. Additionally, these businesses will be further burdened by staggering financial expenses that will be incurred as a result of the breach.
The big question is where does the money come from to deal with these expenses? If a business has not taken the necessary steps to protect their data, train their employees and enforce security procedures in order to mitigate exposure then these expenses can quite literally turn the lights off in the building. These costs come directly off the bottom line. The right solution is to transfer the exposure and the costs to a quality Cyberliability policy. This will cover the cost and reimburse a company for legal, regulatory and post-breach expenses that will be incurred. This can be done for a mere fraction of the total cost of a breach.
If you would like an honest evaluation of the security procedures you have in place to protect your data and what a Cyberliability policy costs, contact us today and we will be happy to provide this information to you.
