According to the National Cyber Security Alliance study, 60% of businesses that are hacked go out of business within six months. The vast majority of damage done in cyber attacks is due to the inability of the company to respond because they have not developed a cyber prevention and response strategy. Think about it. We practice fire drills and earthquake duck and cover drills. Shouldn’t we do the same to prepare for risk with similar catastrophic consequences? If your e-commerce system, website, email, or customer data was suddenly inaccessible because of an attack, would you be able to get back up and running within minutes, hours, days, or at all? That depends on your business’s level of cyber resilience.
What is Cyber Resilience?
The most common definition of cyber resilience is the ability of an enterprise to limit the impact of security incidents. It’s a broad approach that encompasses cybersecurity and business continuity management, which aims to defend against cyber attacks and ensure that the business is able to survive.
Cyber resilience can reduce the economic impact on your business after a cyber attack and instill confidence in your customers who know that you are able to protect their data. Consequently, a significant amount of underwriting now takes into account business resiliency. Cybersecurity practices such as password management, risk assessments, employee training, and incident response plans can prove your organization’s resiliency and thus lower insurance costs. With premiums ranging from $10,000 for small organizations to over $100,000 for million-dollar businesses, these cost savings can be valuable. Ideally, you should implement an incident response plan before you purchase cyber insurance to better understand what your needs are and how you can enjoy lower rates. By documenting prevention, detection, and mitigation best practices, you can negotiate better insurance terms and conditions, which may include:
• Reduced premiums
• Broader coverage
• Higher amounts of coverage
In the case of cybersecurity, offense wins and the defense loses. Interested in learning more about cyber resilience or risk assessment? – Feel free to contact us!