Cyber Crime and How To Protect Your Business

Cyber Crime and How To Protect Your Business

Security breaches are not just a big business problem anymore. The days of hackers targeting only large retailers are long gone. Identity thieves also target small to mid-sized businesses that may have fewer data security resources. In fact, 29 percent of small businesses have had at least one data breach, and 65 percent reported a negative impact on their business’ reputation1.

With attacks that can misdirect wire transfers and hold computer systems hostage, hackers can successfully target any industry, particularly those that are behind the curve for cybersecurity.

This applies to you as a business owner. Because today… conducting business means working online. The risk of cybercrime can be devastating to your business and to your clients. Here are potential threats to be aware of:

Business email compromise

A business email compromise (BEC) is an attack that deceptively convinces businesses to wire funds to criminal back accounts by pretending to be business counterparties, such as vendors. Often, the criminals will send an email from a spoofed account that appears to be from someone within the business, such as the CEO or a trusted party, like an attorney.

Malware and ransomware

Businesses can be at risk for being infected by types of malware from hackers targeting banking credentials or personally identifiable information. Banking Trojans are used by criminals to capture a victim’s banking credentials to wipe the bank account clean. Other types of malware can be used to steal personally identifiable information, like employee or tenant sensitive data that can be used for identity theft purposes. Small business targets with employee data, client data and significant holdings in bank accounts remain potential targets for these attacks.

Ransomware is malware that encrypts data on computers and makes the data unavailable until a ransom is paid, has become an immensely profitable method for hackers to attack businesses. Like most businesses, accountants and tax professionals rely on electronic information and systems to run day-to-day operations. An employee clicking on one malicious email can lock up the information for the entire company. Ransomware can also target physical devices that are internet-enabled, not just personal computers and servers.

Cloud computing vendors

Small businesses are following the trend of increasingly relying on cloud computing applications, but those vendors that store information also represent a cybersecurity vulnerability. A criminal does not need to hack a business to get that business’s sensitive data these days: it can target trusted vendors like cloud providers that store other parties’ sensitive information. Even though it may seem that by using a cloud provider, a business is outsourcing the risk, if a cloud provider gets hacked, the business many be stuck holding most of the liability. Provisions in cloud computing agreements often provide minimal protection to customers in the event of a cyber attack, so customers are often left to eat most of the liability.

What you can do to safeguard your cyber presence

Now that businesses are in the crosshairs of cybercriminals, business owners should be focusing on implementing protections to reduce the chance of becoming a victim of an attack and to improve their ability to respond in any such incident. And since there is no such thing as perfect security, cyber liability insurance can be an important way to mitigate risk. There is a wide disparity of what is covered by any cyber liability insurance policy, so it is important to ensure that the policy you employ covers you for the risks that your business may face and, potentially, even business interruption.

Risks for data compromise range from stolen laptops to dumpster diving to computer theft to database hacking. Data compromise coverage provides first-party coverages for small businesses to respond to state notification requirements. Because many states have enacted breach notification laws that require businesses to notify those affected by a data breach, not having data compromise coverage can deter customers from your business.

Data compromise assists in compliance with applicable state laws and provides a timely, professional response to a data breach. The business owner’s policy (BOP) you currently have may not cover data compromise. Check out this additional optional coverage and be assured your clients will get a timely, professional response to a data breach.

If you have questions about cyber liability insurance options or want to see what additional coverage may help better protect your business, Allstate can help you choose the coverage that fits your business needs. Visit


1Study conducted by Zogby Analytics sponsored by Hartford Steam Boiler