PwC did a study for UK Department for Business, Innovation and Skills and according to PwC, the small businesses, the worst breaches cost between £65,000 and £115,000 on average; for large firms, the damage is between £600,000 and £1.15m. While that study was done in UK, the financial damage is estimated to be around that locally.
The financial damages on the company arises from the business loss during the downtime in a Denial-of-service attack, legal suits because of data leak or a more serious ones such as competition information are stolen in a Direct-access attack.
An MNC will most probably have the financial resources to beef up their IT teams and security system but a SME may not have the luxury of funds. The cyber criminals took advantage of this and viewed SMEs as a softer target and a route to bigger business partners. According to Stephen Ridley, companies can follow several simple steps to reduce cyber-risks. He suggests using secure passwords such as three random words, installing antivirus and malware software on all company devices, instigating regular software updates that contain vital security upgrades and educating staff on cyber-risks.
Just like preventing ourselves from a virus attack, we can have all the vaccination jabs and precaution taken but still hit by the virus. You may want to consider having a Cyber Liability & Data Protection Insurance to mitigate the financial loss in an event of cyber security breach. There are a few such plans in the market and they typically covers
- Third-party claims
- Remediation costs
- Cyber extortion costs
- Business interruption
To share a claim experience, a company with a turnover of SGD 2M and 8 staff had their server and client’s record locked by a Ransomware software. The company had to pay SGD50,000 to the hackers in order to get their files back.
SGD150,000 was paid to the company for the loss of income, the ransom demand including consultant cost and cost to restore the network as the hackers refused to release the files after receiving the ransom payment. The premium paid by the company was about SGD 3,000 a year.
You can make enquiries with Mohd. Faizal to attend a workshop on Cyber Security and Risk Management to know more about your company’s exposure to cyber security risk.
Do note this cyber insurance is mainly for SMEs and if you are having a business that is bigger in size, another package of cyber insurance may be more suitable. If you need more information on how cyber insurance can reduce the financial damage to your company, please submit the form below.
By submitting this form, you agree to be contacted in relation to this enquiry.
My IFA@Sg 