The Internet is as risky as it is necessary to your business. Global e-commerce revenues surpassed $1 trillion last year; 144 billion emails are sent each day; more than 1 billion people are actively engaged on Facebook, and the majority of data collected for business purposes is relayed over the Internet.
But the Internet has always been fraught with risks as amoral opportunists, malevolent hackers, criminals and terrorists have found ways to leverage it for their own purposes. The risks can be minor, like someone hacking your system for a few free products, to something major, like Booz Allen Hamilton’s potential liability for Edward J. Snowden’s breach of classified government information.
Can you avoid these risks? Not entirely. Like offline risks, the best you can do is find ways to manage your exposure to them, so if you're impacted, you can survive the fallout. The best tool against any risk is insurance and herein lies the problem: Insurance companies haven’t caught up yet to Internet-related risks.
Insurance Protection Needed
From an entrepreneur’s perspective, insuring against Internet-related threats is the opportunity of the century, with nearly every business in operation today needing some type of protection. But according to Scott Kanry of Aon Risk Solutions and Robert Loscouski of Axio Global, the insurance industry isn’t yet structured to underwrite Internet-related risks. Their recent analysis indicates that insurance companies lack the equivalent technical skills for Internet engineering that are present in other types of underwriting like property-related insurance. They also contend that the industry lacks an underwriting framework to properly define, assess and price risk. Lacking both knowledge and process, it’s difficult for insurers to provide products that will satisfy business owners.
Currently, data breaches involving personally identifiable information are the main area where an active market for insurance exists. If a hacker breaks into your server and steals the name, address and credit card details of your customers, there's insurance to protect against the related liability costs. Some policies will even cover the cost of a forensic analysis to identify the weaknesses in your IT infrastructure that led to the breach. This type of insurance product has developed because insurers can identify a discreet event (the breach), measure it (number of names) and have a reasonable idea of what the costs are to remedy it (credit report protection per customer, etc.).
But there are many other risks that remain unprotected. What if you're transferring data from one server to another and a crash leads to a loss of your accounts receivable files? What if an irate customer who happens to be a social media giant starts a social media campaign to boycott your company and it works? What if a group of hackers orchestrates a Denial-of-Service attack on your servers, which leads to lost revenues? There are infinite what-ifs related to Internet risks and your business. The insurance companies will likely play catch up for years.
Most business owners can do a lot more than they are doing. It’s not just a technology problem; it’s a business problem that will require a multifaceted approach. Some ideas on how to tame Internet risks include:
- Hiring a competent Internet security services firm to perform a diagnostic of your existing network to identify potential risks.
- Ensuring that employees, contractors and all staff adhere to best practices when formulating, updating and securing their passwords.
- Minimizing the amount of trade secrets and other types of intellectual property that are exposed to outside networks.
- Working with a reputable data center that provides the necessary technology to perform regular backups and has the ability to quickly bring you back online in case of an attack or server failure.
- Developing emergency procedures—in writing—for standard Internet-threat scenarios like Denial-of-Service attacks, hacking and breaches.
Read more articles on small-business finance.
Photos from top: Thinkstock, iStockphoto