From little cyber security problems, big cyber security problems grow
In 2023 cybercrime has its dirty little fingerprints everywhere, and small businesses are not immune to the risks that come with this ever-present 21st century challenge. No longer reserved solely for science fiction such as Blade Runner and The Matrix, this year has seen sophisticated hacking and a multitude of other cybercrime tactics run rife.
Not surprisingly, an increase in opportunities for cybercrime comes with this territory, and small business owners represent an enticing target for cybercriminals due to the sensitive financial and personal information they hold.
Cybercrime is a 24/7 global operation and Australians are in cybercriminals’ crosshairs just like everybody else. June 2023 survey results of 13,887 computer users in Australia by the Australian Institute of Criminology noted that in the 12 months prior 22 per cent had been a victim of malware, 20 per cent had been a victim of identity crime and misuse, and eight per cent had been a victim of fraud and scams.
Alarmingly, 47 per cent of respondents experienced at least one cybercrime in the 12 months prior to the survey, and nearly half of all victims reported experiencing more than one type of cybercrime.
While the common assumption may be that some organisations, such as small businesses, aren’t in cybercriminals’ crosshairs, the reality is that all businesses hold sensitive data that cybercriminals would love to get their greedy little hands on.
No business or individual is immune to cybercrime
No cyber breach is too small to ignore. Take for example this real-life case of how a management consulting small business based in Sydney was targeted by cyber criminals in November 2022 and how a seemingly small, easy-to-miss cybercrime could have ruined their business. Luckily, the business had a risk management plan in place that included reducing its cyber risks.
“Sometimes small business owners may feel that they are too small to be targeted by cybercriminals,” says BizCover’s Head of Product, Channels & Risk, Jane Mason.
“But all businesses can fall victim to cybercrime."
“There is a growing requirement for Cyber Liability insurance, which suggests that small business owners know that they are not immune to the malicious activities of cyber criminals.”
Take into consideration a claim* experienced by a BizCover small business customer. Although it’s not to be seen as an indication as to how any potential claims are assessed or accepted, it’s an illustration of how coverage for claims is determined by insurers.
In the trendy inner city Sydney suburb of Surry Hills, where major media companies such as News Corp Australia and Yaffa Media rub shoulders with a thriving start-up scene that has been likened to Silicon Valley, sits a small but successful management consultancy business.
With 11 staff and an estimated annual revenue of $2,500,000, the business owners had built a successful business in a short time. In 2022, they decided to protect their business with Cyber Liability insurance* with BizCover. And it wasn’t long before this proved to be a great decision.
In November of that year, the business was targeted by cybercriminals who breached its email system and sent fake emails to the business’s clients requesting payment into a fraudulent bank account.
Facing a disastrous challenge, the worried business owners reached out to their business insurance provider’s 24-hour Cyber Hotline to report the breach. Believe it or not, cyber hotlines are normally offered as part of your insurance cover and they can run seven days a week.
With a third-party response advisor digging into the case, an in-depth forensic investigation kicked off to get to the bottom of the case and assess the impact on the targeted business and the extent of the email compromise.
With the investigation completed, the business was able to take some of the sting out of the security breach by submitting a successful Cyber Liability insurance** claim that helped them get back to business as usual sooner.
The investigation dug a little deeper and discovered that the company that was impacted by receiving the fraudulent email should share responsibility with the first business for the loss. This was because one of their mutual clients was impacted and they had an opportunity to identify the fraudulent email but didn’t.
The company’s business insurance paid over $200,000 to the business owners, including third-party claim settlement, forensic investigation, and other rectification costs. This is a whole world of drama that this specific small business owner was saved from. If you are always in doubt, it’s important to speak to an expert who can guide you and provide advice on whether your type of insurance cover is adequate for your business needs.
*The provision of the claims examples are for illustrative purposes only and should not be seen as an indication as to how any potential claim will be assessed or accepted. Coverage for claims on the policy will be determined by the insurer, not BizCover.
**This information is general only and does not take into account your objectives, financial situation or needs. It should not be relied upon as advice. As with any insurance, cover will be subject to the terms, conditions and exclusions contained in the policy wording.© 2023 BizCover Pty Limited, all rights reserved. ABN 68 127 707 975; AFSL 501769