As more business information moves online, cybercrimes are increasing—and small businesses are often a target.

However, many small business owners don’t realize their company is at risk. Leaders at more than half of small- and medium-sized businesses think their company is too small to be a target for ransomware, according to the Ponemon Institute’s 2018 State of Cybersecurity in Small & Medium Size Businesses Report. 

Cyberattacks come in many different forms. For example, an employee may click on an email link containing malware that allows hackers to steal company information. Then, a company computer could be infected with ransomware that allows hackers to lock down systems and demand that the owner must pay to regain access.

Cybersecurity is a complex and ever-changing area of risk, both for businesses and individuals. However, it can also be a great opportunity for independent insurance agents to show their value to small business clients by offering risk education and expert advice.

As cyber threats grow, independent insurance agents need to be aware of the importance of talking to customers about cybercrime and cybersecurity. Here are four conversation starters that will help you talk to your clients about cybersecurity.

1) Small businesses can be especially vulnerable to cyberattacks. It’s become easier for hackers to get access to attack software, making cyberattacks more common. By the end of 2021, there will be a ransomware attack on a business every 11 seconds, according to Cybersecurity Ventures. Data from PRNewswire and Insurance Journal report that small businesses make up to 58% of cyberattack victims.

This may be because small businesses can be easy targets. Many do not have the IT infrastructure and processes they need to guard against attacks. In Ponemon’s report, 74% of respondents said they don’t have the personnel to mitigate cyber risks and 55% said they don’t have the budget.

2) Attacks can be detrimental. Depending on the severity, a cyberattack can cost a company tens of thousands or even hundreds of thousands of dollars. Along with disrupting operations and damaging IT infrastructure, a cyberattack may lead to regulatory fines, liability issues and damage to the company’s reputation. 

In any case, a cyberattack can negatively impact a business, and a severe attack may even be enough to take down a small business. A staggering 83% of business owners have no funds set aside to recover from a cyberattack or data breach, according to a survey by InsuranceBee.

3) Insurance coverages are changing. With many new startups entering the market and well-established carriers offering cyber insurance products for small businesses, cybersecurity has become a hot topic within the insurance industry.

Because of all the competition in this new market, premiums tend to be low and coverage limits high. Coverages vary—and since the risks change so quickly—there are still many gray areas. Independent agents can help business clients understand what they are covered for and keep their policy up to date as risks change.

4) Clients need education about measures for cyber protection. Cyber insurance covers many of the costs of recovering from a cyberattack, but many cyber risks aren’t directly insurable For example, the negative impact a data breach may have on a business’s reputation.

However, there are plenty of steps businesses can take to prevent cyberattacks. Independent agents should proactively help educate their clients on ways they can improve their cybersecurity to protect their business.

The Federal Communications Commission’s cybersecurity checklist and list of resources can be a helpful starting place.  

Independent agents can serve an important role in educating clients about this issue. By talking to clients about cybersecurity, you can set yourself apart as an expert advisor helping protect every aspect of your client’s life and business.

Sam Affolter is senior director of agent research and innovation, GRM – U.S. Distribution & Service, Liberty Mutual Insurance.