Cybercrime is a major threat to Canadian businesses, and companies are concerned. Statistics Canada’s recently released results of their 2021 Canadian Survey of Cyber Security and Cybercrime reveal cyber concerns are top of mind for many.
Key findings from the report include:
- 18% of Canadian businesses were impacted by cyber security incidents in 2021, compared to 21% of businesses in both 2019 and 2017.
- Larger businesses were the main target, with 16% of small businesses (10 to 49 employees), 25% of medium businesses (50 to 249 employees), and 37% of large businesses (250 or more employees) reporting being impacted by cyber security incidents in 2021.
- The most common type of cyber security incidents were to steal money or demand ransom payments (7%) and to steal personal or financial data (6%).
- Canadian businesses spent approximately $9.7 billion on cyber security in 2021.
- 11% of businesses were impacted by ransomware, with 82% saying they did not pay the ransom. Only 18% of businesses paid, with 1% paying more than $500,000 and 14% paying using cryptocurrency.
Canadian businesses that were victims of a cyber-security incident spent more than $600 million in recovery costs, a significant increase of approximately $200 million from 2019. Those who were impacted then spent more money to prevent and detect incidents and were more likely to employ dedicated cyber security employees.
Even with very clear data showing the need for comprehensive cyber security education and prevention in companies, several businesses remain hesitant in signing up for cyber insurance. They are weighing the cost of coverage against their level of risk, and often have the assumption they are being protected in different ways.
Here are five reasons why cyber insurance should always be considered an essential component of commercial insurance coverage.
1. Every business is a target
While it is true that larger companies tend to be targeted more often for cyber attacks, the truth is that all businesses are at risk. Smaller companies may choose to forego cyber insurance coverage, thinking that they don’t have enough of value or data worth stealing, but criminals are opportunists who will go after anything that has their defenses down. Even if your business doesn’t deal with massive amounts of money, information such as email, payroll, and benefits are often all online are provide cyber criminals the chance to take control and blackmail victims into paying for the release of their data.
2. All businesses are technology-based
Some companies may try to fool themselves into thinking that their business does not rely on technology, and therefore does not need cyber insurance. As mentioned previously, however, even just a company email account is all cyber criminals need to access information you don’t want in their hands. In addition, almost all businesses use some sort of online software to keep track of their finances, which represents years of irreplaceable business history should it be hacked.
3. Human error is always the weakest link
Even if your company has the newest, most advanced protection against cyber attacks, the technology is only as good as the people who are using it. Human error is the most common way cyber criminals find a gateway into systems. Some of the most common mistakes employees make that open the door to cyber criminals include:
- Using one password or a weak password for different work accounts.
- Accessing work accounts from public Wi-Fi.
- Downloading external software that is not protected through the company.
- Allowing others to use their work computer.
- Sharing passwords via text or email.
4. Liability coverage is often not enough
Although it’s true that some commercial general liability policies will cover for cyber security incidents, it is not comprehensive enough and has lower liability limits. Cyber insurance specifically covers for situations such as if a customer sues your company after a breach, as well as the cost of your defense and damages.
5. Cyber insurance is tailored for a wide range of incidents
Cyber insurance continues to evolve, so when it comes to insurance renewal time it’s worth it to give your insurance broker a call to fully understand developments.
Some of the events cyber insurance will protect your business from include:
- Data confidentiality breaches such as the loss of and/or unauthorized access to or disclosure of confidential or personal information.
- Cyber extortion such as a demand for payment while threatening to disrupt your data.
- A technology failure or denial-of-service attack.
Costs associated with loss due to a cyber attack will be covered through cyber insurance, including:
- Payment for legal representation.
- Harm mitigation from a breach, including notifying affected parties and the provision of free credit monitoring.
- The hiring of experts to help prevent further attacks.
- Data restoration.
Cyber insurance in Calgary: Coverage for the modern world
Lane’s Insurance is a leading Alberta-based brokerage, providing complete business insurance solutions for owners of companies both large and small. Lane’s works with the province’s most trusted carriers to protect you from today’s advanced digital threats, and much more.
To learn more, or to obtain a quote, please contact us in: