A new study has found that the fastest-growing cost associated with cyber incidents is businesses interruption, reinforcing the need for businesses to have in place robust response and data restoration measures, particularly after a ransomware attack.
Between 2019 and 2023, the average cyber insurance claim that involved business interruption ended up costing 450% more than claims that had no lost income, according to the “2024 NetDiligence Cyber Claims Study.”
Business interruption can occur if a cyberattack like ransomware fully or partially disables a company’s operations or if a vendor suffers a cyberattack that forces the client company to suffer a loss or inability to operate.
The latter, known as “contingent business interruption,” can occur if a cyberattack cripples a supplier’s factory from producing a part that’s crucial for another company’s production operation.
The study also found that if business interruption is involved, the cost of all parts of a claim, such as crisis services and recovery costs, also increase.
For claims with no business interruption losses, the average cost of a cyber claim for small and mid-sized enterprises (SMEs) between 2019 and 2013 was as follows:
- Crisis services: $96,000
- Regulatory and legal: $24,000
- Total incident cost: $205,000
However, for SME claims with a business interruption component during the same period, average costs were*:
- Business interruption: $487,000.
- Crisis services: $279,000
- Recovery expense: $115,000
- Total incident cost: $995,000
* There was no information on regulatory and legal costs for these types of claims.
For large companies, the average business interruption cost was $26 million, with total incident costs averaging $36 million in 2019-2023.
What you can do
First: Ensure that you have in place systems, policies and training to reduce the chances of your organization being hit by a cyberattack.
One of the study authors noted that many companies he deals with are woefully unprepared for a cyber event-caused business interruption.
“We continue to see SME clients transform their businesses to be more reliant on digital systems while failing to understand the inherent risks that come from complex digital ecosystems,” said Alden Hutchison, principal of global consulting firm RSM US LLP.
“This becomes very evident during the recovery process for a client where it’s clear they haven’t planned for resilience in their digital platform nor practiced operating their business processes during a crisis scenario,” he explained.
Experts recommend:
Disconnecting all networks. As soon as a threat is discovered, disconnect every vulnerable device from your network in order to keep the attack from spreading.
Regular back-ups. Back up critical data to a secure, offsite location to enable swift recovery in case of a cyberattack. Even better: Download your data on a daily basis to a hard drive that is not connected to you database or the internet.
But beware: Ransomware can have dwell times as long as six months, so malware might have been included in your archival backups. Before restoring, run an anti-malware package on all systems and drives.
Detailed planning. Create a detailed plan outlining response procedures to a cyberattack, including roles, responsibilities, and data recovery and restoration strategies. Also, prioritize in advance what data or systems needs to be recovered first, and when.
Continuous monitoring. Continuously monitor network traffic for suspicious activity to detect potential threats early and before they spread and threaten to take your entire system down.
Cyber coverage
Finally, you should have in place a cyber insurance policy. Most policies include coverage for both business interruption due to an event on your systems and contingent business interruption for a cyber event at a vendor or supplier.
You can often work with us to tailor-make your cyber policy to ensure it would cover your business’s specific needs.
BGES Group is one of New York, New Jersey, and Connecticut’s Construction Insurance Specialists representing 50+ companies, including all the BEST general & umbrella liability programs. We offer all the coverage needed, including property, builders’ risk, inland marine, general liability, umbrella liability, auto, bid & performance bonds, workers’ compensation, N.Y.S. disability, and group health. Our commitment to you goes beyond the policies we provide. We are always just a call, text, or email away, ready to assist you, even on weekends. We understand the importance of your business and are here to help you navigate any insurance challenges.
BGES Group are Workers’ Compensation Insurance Specialists for Tri-State Business Owners: Unhappy with your rates, company, being canceled, losses causing difficulty getting coverage, in the middle of an audit dispute, misclassified payrolls, or whatever your issue. We can help! We have special programs for Auto Services, Contractors (especially in New York), Limousine Services, Logistics Companies, Manufacturers, Recyclers, and Truckers; we can help ANY tri-state business owner. We are considered “Preferred Agents” for this one program that, if we can get you into, their pricing is excellent, offers long-term coverage stability, and can cover multi-state operations. The program takes the hassle out of doing annual audits, too.
If you want to speak with us, call Gary Wallach at 914-806-5853, click here to email, or visit our website.
Company: BGES Group, 216A Larchmont Acres West, Larchmont, NY 10538
email: bgesgroup@gmail.com
website: http://www.bgesgroup.com
© – Copyright – 2024 – BGES Group
###