Don't Be a Statistic: Quick Tips for Protecting Your Business from a Cyberattack

By Lisa Scoble posted 22 days ago


Don't Be a Statistic: Quick Tips for Protecting Your Business from a Cyberattack

You rely on your phone, tablet, and computer to accomplish all kinds of day-to-day activities—at work, at home, and now at your new “home office.” It’s how you get things done. But how careful are you (or your employees) online?

Professional services firms collect and store large amounts of confidential data that cyber thieves typically like to steal. In particular, real estate agents deal with large amounts of money, personally identifiable information, and wire transfers, which are a common entry point for criminals. Believing your business is too small or your data is too insignificant can lead to slip-shod safety protocols. Ultimately, a data breach or cyberattack can happen to anyone.

Last year alone, the Federal Bureau of Investigation (FBI) logged 467,361 cyber complaints from individuals and businesses— costing in excess of $3.5 billion.1 A little more digging uncovers that 58% of data breach victims are classified as small businesses.2 That’s probably someone just like you.

Even more troubling is the fact that a typical privacy or data breach of your business systems can take an average of 7 months to uncover.3 Being prepared and knowing what to look for is the best way to protect your real estate agents, clients, and firm.

Cybercriminals don’t take breaks, and neither should you. Awareness, training, and diligent tracking can mitigate common threats. Any internal examination of your firm’s safety procedures should include:
A Security Audit
Hiring an outside vendor or instructing your current information technology personnel to scan your systems and software is a good way to identify vulnerabilities. Don’t forget to include any third-party or cloud-based platforms your firm uses. Make sure to audit your remote working standards as well for any unexpected gaps that may have come to light as a result of the pandemic. One data or privacy breach may not sound like a lot, but the average data breach includes the loss of over 25,000 records4 which may include personally identifiable information from your clients, vendors, investors, or employees.

Employee Training
Cyber incidents involving negligent employees or contractors cost companies an average of $283,281.6 Make sure your employees are properly trained on how to identify targeted cybersecurity attacks, such as phishing and malware. Phishing is the practice of manipulating users by creating enticing emails and gaining a false sense of trust. Users then share sensitive information with cybercriminals without realizing their mistake. Malware is malicious software installed without a user’s knowledge with the purpose of hacking the computer or otherwise disrupting its function. Informed and vigilant employees can detect these shady techniques. Password attacks are also a very common means for cybercriminals to gain access to your network. Including best practices on choosing hard-to-crack passwords is essential for employee security training.
Patches and Detection Software
Developers release patches to software and operating systems on a regular basis. If you don’t update your applications regularly, you’ll be using outdated software with security gaps that any hacker can take advantage of. Investing in antivirus and additional firewall software that will proactively help detect and prevent potential security risks is also a necessary business expense in order to mitigate risks like those associated with identity theft and other cybercrimes.

Cyber Insurance
Even the best security measures can’t stop every hacker or safeguard against human error. It’s why cyber coverage plays such an important role inbusiness protection. Most property policies will not cover damages caused by a cyberattack, such as damage to your reputation, revenue lost during downtime, or third-party liability. Cyber coverage helps cover the cost of these expenses as well as data recovery and re-creation, system recovery and repair, ransom or extortion payments, data breach liability and legal expenses, and other expenses to help get your business back to normal.

With the highly sensitive data professional services firms are accessing and storing every day, it is vital to ensure your systems, employees, and clients are as safe as possible. In addition to insurance coverage, ongoing checks, tests, and a response plan will help reduce your risk exposure.

For more information about E&O coverage and other risk management topics, visit

1 Winder, Davey. “The FBI Issues A Powerful $3.5 Billion Cybercrime Warning.” Forbes Magazine, February 2020.
2 2018 Data Breach Investigations Report. Verizon, 2018.
3 “29 Must-Know Cybersecurity Statistics for 2020.” Cyber Observer, March 2020.
4 2019 Cost of a Data Breach Report. IBM, 2019.
5 “Not If, But How.” The Hartford Steam Boiler Inspection and Insurance Company, March 2018.
6 “The Top Cyber Risks to Accounting Firms Come from Inside the Firm.” CPA Practice Advisor, August 2018.

This article was produced in conjunction with AXA XL and is not to be taken as legal advice.