What could a cyberattack do to your business?

Fact: Cyberattacks on SME’s often result in substantial financial loss.  Some attacks can even close a business for good.

This can include:

– theft of corporate information

– theft of bank details and payment cards

– theft of money

– loss of business or contracts

– disruption to trading

– loss of reputation as a secure business partner

– erosion of trust with trading partners

Furthermore, a study by Hiscox Insurers recently showed that less than half the businesses in the UK have protected themselves or made ‘crisis’ plans to deal with cyberattacks.  And clever criminals have realised that not only does a business’s data have a value, but so too does threatening a company’s ability to function.  They often encrypt your own data, and then charge you to get that same data back, and hackers can now use sophisticated software to disrupt company systems while demanding hefty ransom payments.

Government figures show that cyberattacks in the UK doubled in 2015, and the UK now accounts for one in every eight known cyberattacks across Europe.

So, the question becomes not ‘do you need advice and insurance against cyberattacks’? But which insurance package best suits your business?

For the vast majority of SME’s, this means protecting against data breaches and ransomware. If the company holds personal data, it is likely that the hackers will use that data to defraud and extort money, and costs to investigate a data breach are very expensive, even before factoring in third party claims.  It very quickly becomes a waking nightmare for the SME.

There is now another motivation for businesses to protect themselves – the General Data Protection Regulation.  The act comes in to force in 2018, and gives clients and customers the right to ask for their personal data to be erased, and increases the expectations placed on the businesses themselves.

“Under GDPR, businesses must understand what personal data they hold and where,” said director Nik Hynes, “and whether they have collected and processed that data properly, who they are sharing it with and who they are processing it for.  In the event of a cyberattack, they must establish the extent of the data breach and report it within 72 hours.

Could your business do this?

If not, talk to one of our experts at Tree Accountancy or email kate@treeaccountancy.co.uk for further information.  Don’t get caught out.  Merry Christmas!

Tags: , , , , , , ,

Leave a Reply