In 2020, daily ransomware attacks increased by 50%. Because so many businesses rely on electronic and Internet storage for their data, they are vulnerable to cyberattacks.
Remote work compounds the problem; data gets shared across multiple apps and cloud services, IT departments can’t monitor security weaknesses in workers’ homes, and remote workers are more likely to use personal devices.
Cybercriminals are having a field day with the remote era. Cybercrime pays: in 2015, reported ransomware damages amounted to $24 million. By 2020, the amount had ballooned to $170 billion. Even giant corporations aren’t safe; earlier in 2021, Colonial Pipeline suffered the largest attack on a US energy system, costing $4.4 million. The largest reported ransom payment from a cyberattack came this year with JBS to the tune of $11 million.
Yet while these attacks were well-publicized and both companies will make a full recovery, not every business will have that chance. Of small and mid-sized businesses (SMBs), 66% fell victim to at least one cyberattack last year alone.
Of those attacked, 60% go out of business within 6 months of a data breach or hack.
A cyber attack can cost a business everything. The money a business loses goes beyond the ransom and extortion; businesses have to pay for recovery efforts and (at times) new devices. Companies also lose business due to disrupted productivity and shattered reputations among customers.
Cyber insurance isn’t a bulletproof shield, but it can remedy the worst damage a cyberattack causes.
SMB's cyber insurance policies usually cover up to $1 million in damages. Coverage can include profit losses, including that which arises from reputation damage or halted operations, liabilities from contract penalties and media fines, and lawsuits including class-action and regulatory investigations.
There are gaps in coverage, however. Most policies don’t cover physical property, long-term losses, or loss of intellectual property. Despite these gaps, most companies see cyber insurance as worth their while. By 2028, SMBs may be putting 5-20% of their IT budget towards preventing cyberattacks against them. See more in the infographic below.