The chance you will experience a disruptive Cyber Security Event is much more likely than that you will experience a traditional Business Insurance Event!
The rate of hacks and ransom-ware attacks on small business is staggering. What could our small companies possibly have of interest to bad people? Actually we have a profile that some find very attractive:
Our investment in computer security is small and loosely managed. Even if we have hired one of those fancy cloud companies to improve our security and make us feel more secure, small business is still the easiest commercial target going.
Small business does not have technologists on staff to monitor and respond to attacks so the chance that a $300-$5,000 payment will be made is higher than for organizations that have technologists on staff that understand the ransom-ware process and can respond.
Many small attacks against small businesses can be successfully completed without drawing the attention that attacks against large companies bring.
Whether you engage Xactec’s CISSP or the services of another organization to asses your risk, “reasonable care” dictates that you conduct periodic reviews/assessments with cyber-security professionals. A typical review simply finds your vulnerabilities, provides you options to remedy them, and you (the business decision maker) decide your risk tolerance and response.
“I’ll do nothing” is not an option for your company insurance or knowing your cyber security exposure.