Mid-Market Firms Have Higher Risks Related to Cyber Attacks Than Larger Companies

This certainly makes a case for adding cyber insurance to a company’s insurance portfolio. However, only one-in-five companies has cyber insurance and more than half have no plans to purchase it, according to the Ponemon Institute.

While a cyber attack could be disastrous for any company, mid-market firms in particular are at higher risk because they have fewer resources at their disposal with which to protect themselves. In addition, a cyber attack would be more likely to threaten the ongoing viability of a midsized business.

“Their preparation is low, and the costs of customer notification alone can be enough to do a small company irreparable financial harm,” noted Timothy Francis, cyber enterprise lead at The Travelers.

In the past, mid-market CEOs may have thought their company was not on the radar of cyber criminals. But “it’s the data that makes a business attractive, not the size,” Jody Westby, CEO of Global Cyber Risk, said in CSO; “especially if it is delicious data, such as lots of customer contact info, credit card data, health data, or valuable intellectual property.”

And today’s cyber intruders, using highly advanced, automated infiltration tools, consider midsized firms more attractive because they’re in the “low-hanging fruit” category. Cyber crooks can get in, get out with the goods, and frequently go undetected.

In addition to the costs incurred when customer data is illegally viewed, stolen or deleted, cyber breaches can also cause damage to normal operations, transactions with business partners, customer loyalty and the firm’s reputation.

In 47 states, enterprises must inform all affected by a cyber breach and take steps to fix the damage. Some states demand that breaches be reported to the state’s attorney general, and that firms implement tough security measures.

With more mid-market CEOs realizing the need for cyber coverage, the insurance industry has been quick to respond. Although cyber insurance costs are escalating for multi-billion-dollar enterprises, insurers are competing actively for mid-market clients, offering customized products and competitive rates.

Now is the time to prepare for what the experts tell us is inevitable. An ounce of prevention, as they say, is worth a pound of cure.