Many small businesses vulnerable to cyber attacks

Despite the increased threat of cyber-attacks during the pandemic, almost half (47%) of Canadian small businesses surveyed by the by Insurance Bureau of Canada (IBC) say they do not allocate any portion of their annual operating budget to cyber security. This marks an increase of 14% from 2019, when one-third (33%) said they do not allocate any budget to cyber security.

In 2021, 41% of small businesses that ever suffered a cyber-attack reported that it cost them at least $100,000, up from 37% in 2019. However, fewer than half of the businesses surveyed (46%) said they have set up any kind of defense against possible cyber-attacks, and only a quarter (24%) say they plan to purchase cyber insurance within the next year.

“The COVID-19 pandemic has forced many small businesses to adopt digital processes and move some of their traditional business online,” said Jordan Brennan, vice-president of Policy Development for IBC. “Unfortunately, this has created increased opportunities for cybercrime. While cyber-attacks on larger businesses receive more media attention, small businesses are also a target for online criminals.”

In the first half of 2021, insurers paid out over $106 million in cyber liability claims. Incidents of cybercrime Рparticularly ransomware attacks Рhave increased drastically since 2020, as criminals began to prey on people working from home due to the pandemic. A report by law firm McCarthy Tétrault found that ransoms and the resulting lost productivity cost Canadian organizations an estimated $5.1 billion in 2020 alone.

“Cyber insurance can help victims pay for many expenses related to cyber-attacks, such as civil fines, legal damages, forensic investigations, data restoration costs and other expenses to restore their business operations,” explained Brennan. “Before looking for cyber insurance quotes, business owners should take preventive actions to demonstrate to their insurance representative that they are a lower risk.”

Brennan recommends that business owners follow these steps to help secure their data:

  • Enforce multi-factor authentication on login and network access;
  • Focus on email security: enable attachment scanning, use external sender banners and train staff (or develop protocol) on spotting and containing malicious phishing attempts; and
  • Run regular data backups and make sure the backups have unique credentials.

IBC conducted a similar survey in 2019 and has compared those results with the results of this most recent survey to look for trends in how small businesses (sole proprietors and those with up to 499 employees) are managing cyber security. The 2021 report has been published to coincide with Cyber Security Awareness and Small Business Month in October, and to help educate small business owners on the risk of cyber-attacks and ways they can protect themselves.

Source:  Insurance Bureau of Canada

Blenheim Office

24 Marlborough St. N., Box 479
Blenheim, ON N0P1A0

Phone: 519-676-8159
Fax: 519-676-0020

Chatham Office

250 St. Clair St.
Chatham, ON N7L 3J9

Phone: 519-352-4343
Toll Free: 1-800-561-4949
Fax: 519-352-6484

Essex Office

29 Talbot St. N, Box 69
Essex, ON N8M 2Y1

Phone: 519-776-6457
Fax: 519-776-7400

Harrow Office

65 King St. W., Box 790
Harrow, ON N0R 1G0

Phone: 519-738-2277
Fax: 519-738-2279

Tilbury Office

59 Mill St. E, Box 1239
Tilbury, ON N0P 2L0

Phone: 519-682-0202
Fax: 519-682-2391

Wallaceburg Office

403 Wellington St.
Wallaceburg, ON N8A 2Y2

Phone: 519-627-1777