Small Businesses Dive In to Cyber

  • By: williamjones
  • September 2, 2014

By: Russ Banham

According to a 2013 survey by the National Small Business Association, 44% of small businesses have been victims of at least one cyber attack, costing an average $8,700 per breach.

Last year, a survey by the Ponemon Institute reported that 55% of small businesses had experienced a data breach, and 53% had endured multiple breaches. Survey respondents were limited to small businesses with revenues under $10 million.

“It’s not a matter of ‘if’ small organizations will be attacked—it’s a matter of ‘when,’ ” says Leah Montgomery, Western territory cyber security specialist at Chubb. “Any company that stores, transmits or collects proprietary information is at risk.”

While major cyber crimes against large retailers like Target and Neiman-Marcus tend to receive all the ink, small businesses are actually the easiest prey—hackers know these companies don’t have the resources to withstand their incursions. So why are smaller businesses such a tough sell for cyber risk insurance? “They believe it won’t happen to them, or if it does, the costs will be insignificant,” Montgomery says. “Or they think the price of the insurance is too high to afford.”

“These are naïve views,” says Joe Coray, vice president, technology and life science practice at The Hartford.

But small businesses are beginning to realize they are at serious risk. “I’m more optimistic for a single reason—agents are much less skeptical of why they need to strongly sell this insurance,” Coray says. “They are finding ways to better translate the need for the coverage to their commercial accounts.”

That’s thanks in part to a growing acceptance of technology’s role in business and greater ease of binding the insurance—the coverage no longer requires the arduous application process and stringent underwriting criteria it did in the past.

Best of all from a sales and marketing standpoint, cyber insurance premiums are on the decline. Underwriters previously had sparse claims data with which to price the product, and premiums were high since the companies that bought it generally carried the biggest risk—like banks.

Those days are over. “There is a lot more flexibility in the market now,” Coray says. “Entry point buying costs are very low and reasonable.”

Russ Banham is an IA contributor.

SIDEBAR: False Sense of Security

Here are a few of the myths that might be preventing small businesses from purchasing cyber insurance:

  • “It won’t happen to me.”
  • “If it does happen to me, the costs will be insignificant.”
  • “I don’t need it because I have an annual subscription to McAfee, Symantec or Norton.”
  • “All my data is in the cloud—the cloud provider will take care of any losses.” —R.B.
Independent Agent November 2025 burnout

The November issue is out now!

Look Inside

Related

Preventing E&O Exposures as Insurance Agencies Turn to AI

  • Markets

The Hanover Launches Workers’ Comp Advantage

  • Markets

Navigating the New Risk Landscape of Data Center Construction

  • Markets

Can a BOP Have Business Income Coverage Without Building Property Coverage?

  • Strategies

Privacy Litigation Risk Grows ‘Substantially,’ According to Coalition Report

From the Front Lines: HOA Insurance

  • Viewpoints

Builders Risk Insurance: 5 Coverage Gaps and Policy Misconceptions

  • Markets

3 Ways Agents Can Help Commercial Auto Clients Drive Down Risk  

  • Markets

How Economic and Climate Uncertainty Impacts the Builders Risk Market

  • Markets

RPS Launches General Liability Program for Contractors

  • Markets