Protect Your Business
Business owner's hand holding mobile device displaying 'mitigate' on screen for guide on mitigating damage of cyber attack

Part 3: How to mitigate the damage of a cyber attack

Deep Dive Topics

 | 

Cyber

By:
Karen Doyle

Share Image

Embed Image

Copy

In this Article:

In parts 1 and 2 of the Small Business Guide to Cyber Security, we learned how to prevent an attack, and how to detect one if it does occur. It’s also important to mitigate the damage an attack can cause, and that means being prepared ahead of time. Here’s what you need to know.

Mitigating the damage of a cyber attack

If you find that, despite your best efforts, your network has been compromised, it is important to have a cybersecurity plan in place to best mitigate the threat of an attack.

One of the best ways to mitigate your business risk is to invest in cyber insurance, sometimes called cyber security insurance, data breach insurance, or cyber liability insurance. Small businesses can be a particularly large target to criminals, and many times, an attack may be unpreventable as attackers become more and more advanced. Cyber insurance can help protect your business in the event of an attack by helping to cover your losses and connect you with the resources you need.

Back to top

What does cyber security insurance cover?

A cyber security insurance policy from Hiscox provides financial restitution for the costs associated with several different types of cyber incidents, as well as tools to prevent an attack and expert assistance to manage an attack. Here’s what a Hiscox cyber security insurance policy covers.

📌 Data breach costs

If you have a data breach, your Hiscox cyber security insurance policy can cover the costs associated with responding to that breach. This can include the forensic costs to confirm and identify the breach, the cost to notify affected individuals, the cost to provide credit monitoring, and crisis management and public relations costs.

📌 Cyber extortion costs

Cyber extortion is when your data is ‘kidnapped,’ and the threat actor tries to extort money from you via a ransom demand. A Hiscox cyber insurance policy includes access to breach response experts who will determine the best course of action to get your data back.

📌 Business interruption

When your network-dependent revenue is interrupted due to a covered event, your Hiscox policy can cover the lost revenue. Covered events can include viruses, tech failures, system errors, and computer hacks.

📌 Data recovery

A Hiscox cyber security policy can cover the cost to replace, restore, or repair data and software that has been damaged or destroyed.

📌 Privacy protection

This includes the cost to defend and resolve claims regarding the handling of confidential corporate or personally identifiable information. The costs of regulatory proceedings and investigations into privacy violations may also be covered.

Optional coverage enhancements include cyber crime, which includes financial losses due to social engineering and funds transfer fraud; and digital media coverage, which can defend and resolve claims of copyright or trademark infringement, invasion of privacy, defamation and more, related to online content.

📌 Expert breach response services

One of the most important benefits of a Hiscox cyber security insurance policy is the access to breach response services. When a policyholder suspects they have had a data breach or other cyber incident, they can call a breach response hotline 24/7 and speak to an expert who will advise them what to do.  

Back to top

Should you pay a ransom demand?

One of a business owner’s worst nightmares is getting a ransom demand from a hacker. You’ll likely be told that your system has been compromised and your data will be inaccessible until you pay a ransom, often in cryptocurrency. Ransom demands are often in the millions of dollars, even for small companies.

There’s a lot of debate around whether a cyber ransom should be paid, and for good reason. First of all, your data is already in the hands of a threat actor, who may be using it for nefarious purposes even before you know it is gone. Plus, there’s no honor among thieves. These are criminals, after all, and just because they are saying they will restore your data after you pay the ransom doesn’t mean they will.  

The Hiscox Cyber Readiness Report 2023 found that for businesses who paid ransoms, only half (50%) recovered all their data and half (50%) were forced to rebuild their systems. What is even more daunting is that just because a ransom is paid, it doesn’t mean the attackers won’t strike again. The report also found that over a quarter (27%) of businesses who paid ransoms were attacked again and 27% went on to be asked for more money by the attacker.

Back to top

Report any suspicious activity

The sooner you report a possible attack, the sooner the experts can get started trying to contain the damage. Even if your fears turn out to be unfounded, call your insurance carrier if you suspect a breach. They can help determine whether you’ve been compromised and, often, who the threat actor is. This helps determine how you should proceed.

💡✍ As technology continues to advance, the risks associated with it will only increase. Having the proper safeguards in place to prevent, detect, and mitigate a cyber incident is critical to the survival of your small business.

Back to top

📢 Also in this series:

Back to top

Bettering Your Business

Protect the business you’ve worked so hard to build. Get a fast, free quote and your business could be covered today.

Get a Quote
Get a Quote

Related Articles

We’re here to help.
We provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.
Get a Quote
Get a Quote