I continue to beat the drum on this topic for two reasons: The cost of cyberattacks is increasing and the frequency with which they occur continues to increase as well. In other words, the potential harm to an independent insurance agency from a cyberattack or data breach could easily be catastrophic.
According to a recent Harvard Business Review article, “Cybercrime alone costs nations more than $1 trillion globally, far more than the record $300 billion of damage due to natural disasters in 2017.” The article ranked cyberattacks as “the biggest threat facing the business world today – ahead of terrorism, asset bubbles and other risks.”
Although many who read about high-profile incidents think they are somehow immune from an attack – they aren’t. In fact, their chances of falling victim to cyberattacks are growing, according to a July 2018 report from the Ponemon Institute LLC, sponsored by IBM. In the report, researches found that the average global probability of a material breach in the next 24 months is 27.9 percent.
The cost of a cyberattack
While you still may be thinking, “that only happens to big businesses,” think again. Insurance agencies and their small-business clients certainly are susceptible to cyberattacks. In fact, the 2018 Data Breach Investigations Report, published by Verizon, found that more than half (58 percent) of cyberbreaches impacted small businesses. The financial and insurance industry accounted for 598 incidents alone in 2018, and 146 of those incidents involved a confirmed data disclosure.
Now consider the costs. Ponemon found that:
- The average total cost of a data breach in the U.S. was $7.91 million, the highest in the world.
- Companies worldwide that contained a breach within 30 days saved $1 million, but in the U.S., the mean time to contain a breach was 52 days.
- The average cost per record breached in the U.S. was $233, again the highest worldwide. So, an insurance agency with 2,000 records breached could spend nearly $466,000 in unbudgeted expenses.
Lastly, consider that approximately half of small businesses that have a cyberattack go out of business within six months.
Cybercriminals use multiple tactics to commit wrongdoing. While the Verizon report estimates that nearly half of all 2018 attacks occurred through hacking, other common tactics include malware; errors such as casual events; social attacks (e.g., phishing scams); privilege misuse; or physical actions.
Read the full article in PIA Magazine, written by Matt Masiello, CEO of SIAA – reprinted with permission from PIA Management Services Inc.