Can a Cyber Attack Cause A Business Interruption Loss?
When you think about what usually causes a business interruption, natural disasters such as fires, earthquakes and floods probably come to mind first. These events can physically damage your property and equipment, making your work-space unusable for a time. The damages from the Toronto and Calgary floods of 2013 are prime examples of how a natural disaster can put a halt to a business’s day-to-day operations.
How Can A Cyber Attack Cause A Business Interruption Claim?
While natural disasters are still the main reason for an interruption, another cause has made a quick move up the ranks: cyber attacks. As businesses increasingly rely on computers and digital storage of essential data, a cyber attack will continue to be a potential exposure. Read on to learn how a cyber attack could lead to a business interruption and what you can do to mitigate the risk.
Hackers, thieves and other unauthorized individuals have become adept at exploiting weaknesses in business’ computer systems, whether through traditional hacking methods or social engineering. There are several ways a cyberattack could completely cripple your ability to perform normal business activities, including:
- Malicious code that renders your website unusable
- Distributed denial of service (DDoS) attacks that make your website inaccessible to employees and customers alike
- Viruses, worms or other code that deletes critical information on a business’ hard drives and other hardware
It is easy to see how any of these events might leave your company scrambling to do business. Unfortunately, many smaller businesses don’t have the manpower or financial resources available to detect the problem and work on fixing it, which only increases the length of an interruption.
Ways To Prevent A Cyber Attack From Causing Business Interruption
A common saying in the cyber security world is, “It’s not if you’ll be a victim of a data breach, but when.” While 100 percent protection is impossible, you can help lower your chance of business interruption due to a cyber-attack by following these tips:
- Create a formal, documented risk management plan that addresses the scope, roles, responsibilities, compliance criteria and methodology for performing cyber-attack risk assessments. This plan should include a characterization of all systems used at the organization based on their functions, the data they store and process, and their importance to the organization.
- Make sure all firewalls and routers are secure and kept up to date to help defend against a cyber attack.
- Implement a cyber security policy that educates employees about the damage a cyber attack can cause
- Download and install software updates for your operating systems and applications as they become available.
- Implement a strict password policy and have employees change system passwords every 90 days.
- Limit employee access to company data and information, and limit authority to install the software.
- Make sure you are covered by a cyber liability insurance policy.
How Can Cyber Liability Insurance Coverage Help?
Most traditional commercial general liability (CGL) policies will not cover business interruption losses due to a cyber-attack event. Luckily, cyber liability coverage can fill that void.
Should your business be unable to perform normal business operations, a cyber liability insurance policy can help pay for expenses related to an interruption. The coverage can pay for:
- Lost income due to the event;
- Profits that would have been earned had the event not occurred;
- Operating expenses, such as utilities, that must be paid even though a business has temporarily ceased; and
- Rented or leased equipment.
Cyber liability coverage also helps protect your business from the following events:
- Data breaches, including costs for customer notification, some legal costs and credit monitoring for those affected
- Damages to third-party systems, if, for example, an infected email from your servers crashes the system of a customer or vendor
- Data or code loss due to a natural disaster or malicious activity. Physical destruction of equipment is covered under a different policy.
- Cyber extortion, including ransomware, which is malicious code installed into a computer on your network that prevents you from accessing it until a ransom is paid
Being unprepared for a cyberattack could prohibit you from doing business as usual. We can help protect your organization from the damages associated with a cyber attack.
|ALIGNED Across Canada
100% Canadian owned, ALIGNED is a premiere insurance brokerage that serves more than 1,400 clients across the country. ALIGNED’s offices in Toronto, Calgary and Vancouver are supported by a national operations centre in Cambridge, Ontario. Uniquely within the industry, ALIGNED creates, negotiates and delivers the best business insurance and risk management strategies/solutions to organizations like yours.
Other related posts: