On Leadership, Threats and Operational Security

A few years ago, a small business in San Diego was hit my malicious cyber attacks over the internet that were launched from local IP addresses.

As they were protected as much as they felt they could be, they contacted the national carrier to deal with the denial-of-service component of the problem.

Too Small to Service

After going through several levels of management, the answer that they heard was that the carrier gets about 10 million threats per day on their network and it is pretty difficult to assume that they would be given some kind of priority as a small business to have your problem explored.

Understanding that type of threat, which was simply a script being run through several zombie computers, can escalate to actual specialists trying to actively access your Internet information was enough to drive the owners towards looking at specialized business insurance that could keep them safe from liability.

What is Cyber Insurance?

The most common way for small businesses to get protection is to first ensure that they have an industry security compliance on their cloud presence and to ensure they use the right cyber security solutions like the use of a SWG. After they have done so, they can look at cyber insurance. Cyber insurance is a form of insurance that covers almost any type of business attack from hacking to data breaches.

If you lose a client’s data or valuable data of your own, you can recover some of your losses or offset the liability with an insurance claim. Some forms of coverage also cover the loss of work time due to denial of service attacks.

Small companies are fortunate that almost 90 percent of the policies that are available provide coverage to companies inside the United States. Another nice feature is that the bulk of the policies can be priced by getting insurance quotes online.

Preparing to Get a Policy

As mentioned, upgrading or validating that you have industry standard security compliance is an important part of qualifying for cyber insurance. If you have an online e-commerce site, you should have encryption, a good hosting provider, and potentially a third-party service that verifies your site security.

The cost of preparing for cyber insurance can be a consideration for small businesses, so if you are just starting you might consider talking to cyber insurance representatives about the requirements that they have so that you can focus on meeting their criteria.

Another area that comes into play is knowing the type of coverage that you think you will need. If you store client credit cards online in a database, you will likely focus on a different type of coverage than if you are a company that uses a third-party payment processor’s site to process transactions for published material that carries copyrights.

Are They Really Out There?

A lot of smaller companies have not formerly had too many problems that they know of when it comes to the information that they keep online. Two trends are changing that picture. The first trend is one that has more businesses relying exclusively on computing in the cloud.

The second is that security researchers are finding pieces of data from every size company imaginable online in what is known as the Internet ‘dark’, or an area that people use to store information that may be for sale. Gone are the days when hackers were exclusively interested in finding ways to beat security or promoting a cause. With billions of people online, the focus has shifted to money and information.

New Operational Threats

As far as attacks are concerned, in addition to outright hacking and employee theft, there are a couple other types of attack that are growing in popularity.

  • One is stealing the anonymity from people and putting together a trail of behavior that can be used as business intelligence.
  • The other is creating boiler rooms that are information clearinghouses of stolen data that goes on the market to whichever organization or person that will pay for it.

The net result for small businesses is a competitive disadvantage for their online offerings unless they have adequate security- and potentially some insurance protection in place. For the small business owner who hasn’t recently checked their security arrangements, 2016 is a great time to start looking at turning a disadvantage into a sales advantage by validating the notion that your client and internal data is secure.

**********
Never miss an issue of Linked 2 Leadership, subscribe today!
Learn, Grow & Develop Other Leaders

———————
Robert Cordray

Robert Cordray is a freelance writer with over 20 years of business experience
He does the occasional business consult to help increase employee morale
Email | LinkedIn | Twitter | Web

Image Sources: twinsystems.com

Please note: I reserve the right to delete comments that are offensive or off-topic.

Please Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.