Cyber hacks do target small businesses - whether they know it or not

One insurtech's new offerings fill the gap in cyber education that small businesses need

Cyber hacks do target small businesses - whether they know it or not


By Alicja Grzadkowska

Just because a business is small, it doesn’t mean it’s safe from cyber attackers.

While Boeing, Under Armour and the city of Atlanta are all recent victims of ransomware and data breaches, the mom-and-pop shop with only a handful of employees should still prepare for the worst when it comes to cyber risk.

“A lot of the cyber savvy criminals out there today are equally targeting the small business as much as they’re targeting the larger business,” said Keith Moore, founder and CEO of CyberPolicy, a subsidiary of CoverHound. “They know they can go undetected and not get caught when they go after the smaller targets.”

The insurtech start-up came into the market in October 2016, and has now released new offerings that aim to help small businesses protect against cyber threats, including guided solutions from trusted advisors, resources to educate businesses on potential threats, and a CyberCheckup feature to assess a company’s cyber risk level.

The check-up is an online assessment tool that CyberPolicy uses to score the risk level and offer recommendations on how to protect against, as well as prevent, hacks and breaches. The types of businesses the company works with range from bed and breakfasts and mobile service companies, like Sprint, to local retailers and bakeries.

“They still need cyber any time they have a smart device or laptops or a customer database or if they’re accepting credit card transactions,” said Moore. “That’s what we’re learning more and more, is that there’s not many business categories out there that don’t need some form of cyber insurance. Now granted, the size of the policy and the premium they pay can vary wildly, but we’re seeing that almost every customer we talk to needs some form of cyber insurance.”

Whether they get it or not is another question. One poll from Insureon found that three-quarters of small businesses surveyed don’t have cyber liability insurance and 82% said they didn’t feel at risk of experiencing a cyberattack.

That’s why education is the most important piece of what CyberPolicy offers, said Moore.

“The policy that we sell the most of offers free password management and what we call an LMS – a learning management system – that offers video training to the SMB or the entrepreneur, but also their employees and potentially any vendors that they work with as well,” he explained.

“A lot of people just don’t understand the ever-evolving risks that are in the marketplace. There are thousands of solutions out there in the market that claim to be cybersecurity, but they vary so much that a small business could easily become confused about what true solutions are the best for them and how to install those.”

Another part of the problem might be time and money. Small and medium-sized companies don’t necessarily have the resources of an Expedia or Uber to implement cybersecurity protections.

“They don’t start the conversation often enough because they’re worried about the overall price tag,” said Moore. “What we’re bringing to the market is an insurance-first standpoint, and then looking at free assessments of their business and making recommendations. We’re trying to find price points that we know an SMB can manage.”


Keep up with the latest news and events

Join our mailing list, it’s free!