cyber insurance

Ransomware Is Biggest Threat to Small Business

Latest posts by Doug Miller (see all)

Recent high-profile cyberattacks on large companies such as Colonial Pipeline, JBS Meats and Solar Winds have raised awareness of the growing threat of cyber risk, and may indicate to smaller business that they’re safe. After all, what criminal would go after a little guy when there are so much bigger fish to net? Turns out, a lot.

The statistics of recent surveys conducted by the Small Business Authority, Symantec, Kaspersky Lab and the National Cybersecurity Alliance are grim for small businesses:

  • The vast majority of U.S. small businesses lack a formal Internet security policy for employees.
  • Only about half have even rudimentary cyber security measures in place.
  • Only about a quarter of small business owners have had an outside party test their computer systems to ensure they are hacker proof.
  • Nearly 40% do not have their data backed up in more than one location.

These statistics are great news for cybercriminals. The fewer security measures in place, the easier it is for them to get away with their crime.

5 of the Biggest Gaps in Cyber Liability Insurance

Attacks could destroy your business

As large companies continue to get serious about data security, small businesses are becoming increasingly attractive targets—and the results are often devastating for small business owners.

According to recent studies by NetDiligence and IBM/Ponemon, the average cost of a cyberattack for small and medium-sized businesses ranges between $717,000 and $4.25 million. Most small businesses don’t have that kind of money lying around and, as a result, many small businesses victimized by a cyberattack are actually forced to close permanently.

Ransomware among the worst threats

Among the worst of the cyber threats for small businesses is ransomware. In fact, in 2021 75% of ransomware attacks were against companies with less than 1,000 employees with an average demand of $1.8 million and an average payment of $200,000 (Insurer data/ITRC).

Ransomware is any type of malicious software that infects a computer and either prevents it from working as it should or prevents access to certain files until the user pays a ransom. Businesses of all sizes are targets of ransomware, as it can infect not only personal computers, but also entire networks and servers.

Cyber extortion from ransomware is a legitimate threat to all businesses—no matter the size. The best method of prevention is to keep confidential information and important files securely and regularly backed up in a remote location that is not connected to your main network. In addition to backing up your files, taking the following prevention measures is essential:

  • Implement multifactor authentication (MFA) and endpoint detection and response (EDR) protocols for your entire network.
  • Encrypt your laptops, desktops and portable media devices.
  • Provide robust cybersecurity awareness training to your employees.
  • Understand your own risk from your vendors and supply chain.
  • Purchase cyber liability insurance that not only helps you respond to threats, but can also help cover the cost of the ransom and any other losses incurred as a result of cyberattacks.

In addition to the above tips, the Federal Communications Commission (FCC) provides a tool for small businesses that can create and save a custom cybersecurity plan. It can be found at

Additional ransomware-specific resources are available from the U.S. Cybersecurity and Infrastructure Security Administration (CISA) and may be found at

Your emerging technology partner

A cyberattack could cripple your small business, costing you thousands or millions of dollars in lost sales and/or damages. For more information about how to protect your business from ransomware and other cyber threats, please reach out to Kapnick’s cyber experts at [email protected].

Previous Article
WJR Business Beat

WJR Business Beat: Commercial Offices – Are They a Thing of the Past? (Episode 389)

Next Article
product development

The Right Partners Will Limit Risks During All Stages of Product Development

Related Posts
E&O insurance
Read More

Your Technology Company Needs E&O Insurance: Here’s Why

Every business has unique risks that can seriously harm its operations if not properly addressed. As a business utilizing technology to produce and deliver products or services, it’s important to recognize and take precautions against risks that your commercial general liability (CGL) coverage doesn’t include. Technology professional liability coverage, also referred to as tech errors...
E&O insurance
Read More

Why General Liability Insurance Isn’t Enough on its Own

General liability insurance is just that—general. While it provides coverage for a wide variety of potential losses, including claims for bodily injury, personal injury, advertising injury or property damage as a result of your products, premises or operations, if you’re sued for service errors, contract performance disputes or any other professional liability issues, general liability...
cyber insurance
Read More

The Time Is Now to Ensure You Have the Right Cyber Insurance

Jeff Sloan discusses cyber insurance with Michael Spath and Kapnick Vice President Melissa Selke. Here are highlights from that conversation about why your small business needs to make cybersecurity protection a priority. Jeff Sloan, Founder & CEO of StartupNation: Welcome to this edition of Startup Nation. We're focused today on cyberinsurance. We've got Michael Spath,...
Read More

Why Cyberattacks Are on the Rise and What It Means For You

In a March 21, 2022, statement, President Joe Biden cautioned businesses in the private sector to harden their cyber defenses, reiterating earlier warnings related to potential cyberattacks against U.S. organizations by Russia as retaliation for recent economic sanctions. While there is no evidence of an imminent attack tied to the Russia-Ukraine crisis, Biden’s top cybersecurity...