Just released: How to raise venture capital in 2023


How Does Your Cybersecurity Measure Up in 2021?


Key Takeaways

Matt McKenna Scale Underwriting
Matt McKenna

Underwriting Manager

Although 2020 events exacerbated cybersecurity concerns, this risk has been a top worry since the Digital Age began. But unfortunately, many companies are unprepared to manage cyber threats. It’s a complicated vulnerability, after all. One out of every six businesses that experience cyberattacks nearly shuttered this past year — but it doesn’t have to ruin your operation. Let’s review how your cybersecurity measures up and how to manage cyber risks better. 

Cyberattack Trends to Know

With attacks on the rise, it’s no surprise that cybercrime could potentially cause damages of $6 trillion globally in 2021. To put these numbers in perspective, it would be the world’s third-largest economy, following behind the US and China. Unfortunately, here’s what cybercrime looks like to most businesses:

  • Stolen money
  • Intellectual property theft
  • Personal data theft
  • Financial data theft
  • Fraud
  • Embezzlement
  • Data destruction and damage
  • Business interruption
  • Restoration
  • Forensic investigation
  • Credit monitoring
  • Reputational damage

These criminals force management teams to think about devastating scenarios and safeguarding their companies with little to no whereabouts of potential attacks. A silver lining in all of this is the more they attack, the more we learn about them and can defend against them. Here’s what we know about these criminals so far.

How Are Attackers Finding Entry?

Cybercriminals are pros at finding any weak link in the chain and hacking away at it. For example, corporate-owned servers and corporate cloud servers are both heavily targeted. Plus, your business website is also a massive bullseye for these criminals. Mobile devices — company-owned or personal — are often an entry to a business’s network. Lastly and unfortunately, employees are also targeted regularly (i.e., phishing scams). 

Who Are Attackers Targeting?

Although cybercriminals are typically opportunists, some of the hardest-hit sectors this past years include:

  • Technology, media, and telecom (TMT)
  • Financial services
  • Energy
  • Construction
  • Transport and distribution

Plenty of other sectors also experienced attacks; however, the size of the companies criminals now target is alarming.  Small businesses tend to face more risk because they typically lack a means of recovery. Conversely, large enterprises (1,000+ employees) can fend off attackers more savvily than their smaller counterparts. 

But the idea of safety in numbers only goes so far. Cybercriminals have recently begun to target more enterprises. Also, nearly half of enterprises attacked recently found themselves defending themselves against attackers six or more times annually. Some companies endure this song and dance over 25 times per year.

What’s the Cost of Cyber Attacks? 

According to the successful investor and philanthropist Warren Buffet, cybercrime is the number one problem with humankind and cyberattacks are a bigger threat to humanity than nuclear weapons. Cybercriminals can undoubtedly devastate a business — but what’s the actual cost of cyberattacks?

Large vs. Small Companies

Whether cybercriminals compromise corporate emails or a virus outbreak occurs, large and small companies face cyber threats. Small businesses with less than ten employees often average financial damage of $8,000 per attack. Some unfortunate companies of this size can face damages of over $300,000. Keep in mind that much of these costs are ransoms.

Large businesses with more than 1,000 employees tend to face steeper costs. More than half of these companies manage the cyberattacks, keeping financial damages under $24,000. Some enterprises fend off attackers well, stopping the damages before they get out of hand. Like small businesses, some large companies also face financial losses upwards of more than $450,000. 

Brand Identity

Aside from financial damages, threatened businesses stand to lose hard-earned reputations, as well. Loyal customers might feel convinced to look for another company to do business with, or marketing campaigns could quickly fall flat. However, reputation damages can cost companies monetarily, too. 

Nearly a quarter of businesses that experienced a cyberattack reported bad publicity, causing brand and reputation harm. Unfortunately, large enterprises faced the most heat from the public. Recovering from these attacks can run deep, too, infiltrating faithful employees and a stable customer base. 

How to Manage Cyber Risks?

As mentioned earlier, one silver lining in all of this disturbing news is that the uptick in attacks allows us to learn about cybercriminals’ patterns. Companies aren’t merely getting hit with ransomware, for example, and then shoving the experience in the closet. They’re beefing up their cybersecurity budget and fighting diligently to fend off attacks. That said, we’ve helped many of our clients increase their cybersecurity, and we have some tips.

Multi-Factor Authentication

With cyberattacks on the rise, many companies fear that an attack could sink them for good. Plenty of businesses with weak security aren’t getting market consideration anymore. Carriers want to know that a company implements the necessary safety and protocols before taking on their risk. However, some companies think that these measures are far too costly, which is a common misconception. 

One impressive implementation is multi-factor authentication (MFA). MFA is a layered cyber defense, combining two or more individual credentials to add more protection against attacks. If one factor is compromised, the other one (or more) still stands strong. These multiple barriers have proven successful time and time again. 

Consider a Standalone Cyber Policy 

With enterprises increasing their cybersecurity budget, one of the main focuses is to purchase a standalone cyber liability insurance policy. Adding cyber insurance to an existing policy used to be standard; however, more companies want better protection. Standalone policies are now the go-to coverage to better safeguard small businesses and enterprises alike. 

Define Cybersecurity Roles 

Everyone plays a crucial role in cybersecurity. Employee training, strong passwords, up-to-date software contribute significantly to cybersecurity. Consider assigning one individual the cybersecurity responsibility, whether it’s an in-house IT specialist or an external service provider. With one individual tasked to do this job, critical checkpoints are less likely to get overlooked. 

Handle Remote Work Carefully 

With stay-at-home orders forcing employees to work from home this past year, remote work has become the new “norm.” Many employees enjoy a hybrid schedule and don’t want to go back to a traditional office. Remote work is here to stay. 

Unfortunately, remote work opens up many doors for cybercriminals to attack. Often, remote home offices are unable to provide the same protection that an in-office setting would. Smaller businesses and enterprises have already experienced hackers trying to disrupt their work operations. If your company employs remote workers with hybrid or flexible schedules, now is the time to increase your cybersecurity. 

Cover Your Basis

Backing up your data is one of the most essential and foundational cybersecurity measures. This simple act has enabled many businesses to ward off financial damages before ransomware attacks could take hold. 

Consider backing up all your data routinely — off-site if possible. Recovering your data after an attack will be loads quicker and far less painful. Keep in mind that your cybersecurity controls could also determine whether a carrier will remove or reduce their extortion (aka ransomware) coverage. Many carriers have started to respond to the severe increase in ransomware attacks, so it pays to use these tips to your advantage. 

Understanding the details of what coverage your company needs can be a confusing process. Founder Shield specializes in knowing the risks your industry faces to make sure you have adequate protection. Feel free to reach out to us, and we’ll walk you through the process of finding the right policy for you. 

Want to know more about cyber insurance? Talk to us! You can contact us at ​info@foundershield.com​ or create an account ​here​ to get started on a quote.

Related Articles

cyber insurance pricing trends 2024
March 13 • Cyber Liability

Cyber Insurance Pricing Trends 2024

Uncertain about cyber insurance costs in 2024? Our article explores pricing trends, expert predictions on rate increases, and strategies to potentially reduce your cyber insurance premium.

cyber liability insurance premiums
March 4 • Cyber Liability

7 “Must Haves” For Cyber Liability Insurance in 2024

With cyber liability insurance premiums rising, business leaders must have the inside scoop to keep costs low. Our partners at Blacksmith InfoSec delve into those tips and tricks.

Cybersecurity Data Breaches
November 9 • Cyber Liability

Top 10 Cybersecurity Data Breaches of 2023

Today’s digital landscape is frightening for business leaders. Here’s a glimpse into some of the most cringe-worthy data breaches in 2023 — plus, how to avoid them.

Cyber Insurance Pricing Trends
July 19 • Cyber Liability

Cyber Insurance Pricing Trends 2023

After a hard-hit 2022, let’s explore the lessons learned, what currently impacts the cyber market, and cyber insurance pricing trends to expect in the future.

multi factor authentication
January 24 • Cyber Liability

Securing Your Company With Multi-Factor Authentication: A Complete Guide

Cybersecurity is a priority for most company leaders, with multi-factor authentication spearheading the endeavor. Here’s how to make it a reality in your organization.

October 6 • Cyber LiabilityRisk Management

Cybersecurity Awareness Month 2022 — Data, Data, Goose!

As the leaves turn golden and the wind blows colder, cybersecurity awareness month is upon us! Here’s what it’s all about and how your company can stay cyber-safe.