Skip to main content
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
Hiscox Insurance
Menu Toggle
  • Home
  • Small Business Insurance Toggle Menu Toggle Menu
  • Why Hiscox Toggle Menu Toggle Menu
  • Resources Toggle Menu Toggle Menu
  • Policy Management Toggle Menu Toggle Menu
  • Claims Center
  • Contact Us
  • Español
  • Brokers & Agents
  • About
  • Get a Quote Get a Quote
  • About
  • Get a Quote Get a Quote
  • Blog Home
    Start Your Business
    Grow Your Business
    Protect Your Business
    Celebrate Courage
    Search

    Twenty-Four Seven

    Sign up to get the latest small business news delivered right to your inbox.
    Protect Your Business
    May 13, 2016
    cyber security

    Small business management: 4 Ways to prevent a data breach

    Cyber | Insurance 101
    By: Hiscox Blog

    Share Image

    Embed Image

    Copy

    Share Article:

    Think your small business is too tiny to get hacked? Think again. While it’s usually the cyber hacks at big organizations like Target, Home Depot and the IRS that capture the headlines, small businesses are uniquely vulnerable to cyber crime. Why? Startups and small businesses tend to have less complex cyber security defenses, lax password guidelines and fewer risk management controls than more complex organizations. As a result, they’re often seen as low hanging fruit for scheming cyber criminals. The cost of resolving a data breach are daunting, no matter the size of a business. In 2014, the average post data breach costs were $1.6 million. Luckily, you can mitigate potential losses from a hack with cyber liability insurance.

    Cyber security experts agree that if you run an e-commerce business or in any way retain sensitive customer information, you could be the target of a hack, and equally as bad, a lawsuit from your clients.

    Here are four things you can do to protect your business from the damaging effects of a cyber attack:

    1. Get cyber insurance

    Cyber insurance is a great complement to a general liability insurance policy, which virtually all small businesses should have to protect from claims of bodily injury in the course of business operations.

    As anyone who’s ever gotten a virus on their computer knows, it’s tough to stay a step ahead of the hackers. No business is immune and cyber criminals are becoming more sophisticated every day. Sometimes even the most stringent security processes aren’t enough. Make sure your business insurance coverage includes cyber liability insurance so that your business will not suffer financially if you have a breach.

    The costs associated with a data breach are high, even if the data that is compromised is never used for malicious intent. As the caretaker of the data, you are responsible for the cost to notify any affected parties that their data may have been breached. You may also be responsible for providing credit monitoring to any affected parties, and for the costs associated with any identity theft stemming from the stolen data.

    One so called ‘soft’ cost of a data breach is the loss of goodwill for your business. If your customers trust you with their personal information and that trust is compromised, you could lose business because of it. It can be expensive to earn that trust back.

    All of these costs could be covered by  cyber insurance for small business. This coverage is becoming more critical as hacks become more prevalent and more sophisticated. Many people believe that their business liability policy includes cyber coverage, but it may not. Check with your insurance agent or carrier to make sure that you have this important protection.

    2. Secure your data

    Virtually all businesses have to keep some kind of customer and employee data that may be sensitive. This can include credit card numbers, social security numbers, medical information, even just names and addresses. Make sure that both physical and digital data in your care is secured.

    • Paper files should be stored in a safe, or a locked cabinet or drawer. The same is true for any removable storage device like a thumb drive, CD or backup drive.

    • Access to customer data, whether physical or virtual, should be restricted to those who have a need to use it. Do a periodic review of who has access to customer and employee data and why.

    • Dispose of sensitive information you no longer need in a secure way. Shred paper files, and make sure that digitized information is permanently eliminated from all devices.

    3. Secure your systems

    Passwords are the first line of defense against cyber attacks. The more secure you can make your passwords, the more immune you are. Make sure passwords are complex, with a combination of numbers, upper and lower case letters, and special characters. Passwords should be changed at least every 90 days and never shared or written down.

    Multi-factor authentication is becoming more prevalent as an extra layer of security. This is a system that requires a user to enter more than one factor to gain access to a system. It may be a separate password that changes frequently and is accessed from a separate device like a smartphone, or it may be a series of questions that must be answered to gain entry.

    Some systems use fingerprint or retinal identification to ensure that only authorized people can access their data. These systems are expensive to implement, so they are currently used primarily by large corporations and government agencies for extremely sensitive information. As they become more common, costs will likely decline and they may become a standard for businesses of any size.

    Make sure your network is secure as well. You should have a firewall, and make sure all virtual private networks (VPNs) and wifi are secure. Keep all software and operating systems on networks and devices up to date.

    4. Educate yourself and your staff

    The human element may be the single most effective way to prevent a cyber attack, since it’s the only one that hackers cannot overcome with malicious code. Make sure your staff understands the importance of maintaining secure passwords and protecting both paper and electronic records.

    Educate your staff about phishing and business email compromise (BEC) schemes. Both of these schemes involve bogus emails that appear to come from a company or person familiar to the victim, requesting that sensitive information be provided or ‘confirmed’ or that money be transferred to a third party.

    A BEC scheme often targets those businesses that commonly use wire transfer as a way to collect from customers or pay vendors. The perpetrator may create an email that appears to come from the company president or CFO, requesting that the accountant or bookkeeper transfer money to the account of a supplier. The account, of course, does not belong to the supplier at all, but to the fraudster. Make sure that you have controls in place so that any requests, even if they appear to come from you or another executive, are verified.

    Want more information cyber breaches? Check out Hiscox Cyber 101.


    Protect Your Business

    Protect the business you’ve worked so hard to build. Get a fast, free quote and your business could be covered today.

    Get a Quote
    Get a Quote
    Subscribe to our newsletter

    Related Articles

    5 Min Read
    Small business owners in capes, protecting what they've built from impacts of recession

    Ideas on how to make your business recession-proof

    Management | Entrepreneur

    Here’s what you need to know about the recession and some things you can do to reduce its impact on your small business.

    Read More

    4 Min Read
    sole proprietor learning what insurance policies are best for her business.

    Useful information on the best insurance for sole proprietors

    Insurance 101 | Entrepreneur

    As a sole proprietor, were you aware that you should have business insurance? Get the details on what type of policies are best for your small business needs.

    Read More

    3 Min Read
    Man sits on couch with telehealth professional on laptop

    Telehealth: Risks and rewards for your healthcare business – and what comes next

    Management | Cyber

    Many health and wellness providers are offering their services virtually. Here’s what you need to know about the risks, rewards, and future of telehealth. 

    Read More


    We’re here to help.
    We provide tailored insurance for the specific risks you face, so you can take the right risks to grow your business.
    Get a Quote
    Get a Quote

    Footer menu 1

    • What We Cover
      • Business Insurance
      • General Liability Insurance
      • Professional Liability Insurance
      • Errors and Omissions
      • Cyber Security Insurance
      • Workers Compensation
      • Other Coverage
    • Who We Cover
      • Small Business Owners
      • LLC
      • Sole Proprietors
      • Entrepreneurs
      • Side Hustle
      • Contractors
      • Home Businesses
    • For Our Customers
      • Refer a Friend Program
      • Covid-19 Response
      • Claims Center
    • For Business Owners
      • Save with our Partners
    • About Hiscox
      • About Us
      • Careers
      • Contact Us
      • Hiscox Corporate
      • Investors
      • Foundation
      • Newsroom
      • We Stand Together
      • Affiliate Partner Program

    Footer menu 2

    • Accessibility
    • Site Map
    • Privacy Policy
    • Terms of Use
    • Legal Notices
    • Español

    Feefo Reviews: Hiscox rated 4.7/5 with 1,067 reviews between January 1, 2022 - January 1, 2023

    * Any cost, premium, or coverage stated before an official customer quote are estimates and an approximation and are not guaranteed. Actual cost, premium, and coverage are subject to the unique considerations of each individual risk. Customer quotes are based on the information provided to Hiscox, and are subject to required underwriting and rating factors. Until an official customer quote is provided, all communication on this website or advertisement is provided as an example for informational purposes only, and is neither an offer nor a guarantee of available premium or coverage. Any coverage afforded by the products described are subject to and governed by the terms and conditions of each policy issued. This information may not be used to modify any policy that might be issued. Any information provided to assist in understanding the coverage we offer does not modify any insurance policy, nor does it imply that any claim is covered.

    © 2023 Hiscox Inc. All rights reserved. Underwritten by Hiscox Insurance Company Inc., 30 N. LaSalle St., Suite 1760, Chicago, IL 60602. As of December 31, 2021, HICI had admitted assets of $1,250,758,353 and policyholders surplus of $332,792,666. Total liabilities were $917,965,687 (inclusive of $433,752,764 of loss reserves) and paid-up capital stock was $4,242,000.

    icon-facebook
    icon-youtube
    icon-twitter
    icon-linkedin