The data scandal that has seen social media giant Facebook come under fierce criticism for failing to protect user data has made mainstream news in recent weeks.
This week, it was revealed that the data of up to 87 million Facebook users was improperly shared with political consultancy Cambridge Analytica – far more than initially thought, according to BBC News.
In the ensuing backlash, a movement to #DeleteFacebook gained traction as consumer eyes were opened to the amount of data being collected on them by the platform, and potentially shared with others.
But as well as heightening consumer awareness, the scandal should serve as a wake-up call to businesses when it comes to handling and protecting customer information, says one insurance head.
We already know that many small businesses underestimate their cyber security vulnerabilities: new research from Insureon found that 82% of small business owners say they do not feel at risk of a data breach.
In the same poll, more than three-quarters said that they had the controls in place to protect themselves from a data breach, and 74% admitted they did not have cyber liability insurance in place – pointing to a significant degree of complacency.
“I would imagine that most small business owners, if they are paying attention with what’s going on with Facebook, are probably concerned about their personal data as opposed to their business data,” Jeff Somers, president of Insureon, told Insurance Business.
“I would guess that many of them aren’t thinking about the potential impact that this could have on their business,” he continued.
However, with the issue of data privacy and security coming under a very public spotlight, the awareness among small business owners should improve too, according to Somers.
“Hopefully this makes them aware that these things do happen… With respect to cyberattacks and cyber liability insurance it does start with the awareness and understanding that, as a small business owner, you are at risk. That’s really important for people to understand,” he said.
According to Somers, there’s more work to be done by the insurance industry when it comes to understanding the issues around cyber.
“I think there’s a lot of education and awareness-building that we need to do as a community to help small business owners understand that this is a risk, and, candidly, a part of doing business in our day and age.
“In many cases, it’s not a question of if, but when, a cyberattack will occur. That’s the kind of message we need to be delivering to the small business community. Just as they think about other types of risk, this needs to be one of the things that they factor into their overall insurance plan.”