Technology Companies’ Role in the Adoption of Total Cyber Protection for SMBs

Technology is providing small and medium-sized businesses (SMBs) of all industries a tremendous opportunity to grow and better manage their business.

• By Manny Johl
• May 09, 2019

Technology is providing small and medium-sized businesses (SMBs) of all industries a tremendous opportunity to grow and better manage their business. With the click of a button, today’s SMBs can instantly access a national audience, efficiently source materials globally and leverage tools that were previously only accessible to large enterprises. Thanks to the emergence of the technology-enabled gig economy, SMBs can also affordably and effortlessly augment their workforce, with recent research indicating 50 percent of U.S.-based SMBs are currently employing freelancers. But as beneficial as technology is to SMBs, it also presents a significant source of risk. In fact, the very same technologies that enable admirable agility and rapid growth can serve as the source of an SMB’s ultimate demise.

Cybercrime has emerged as an unfortunate yet inevitable part of doing business today. Nearly every week another large, global enterprise is breached, and SMBs are proving to be highly vulnerable, as they don’t have the dedicated resources that larger companies have and often lack sufficient cybersecurity training. Additionally, while they may not generate massive payouts individually, SMBs’ general lack of cybersecurity sophistication allows hackers to take a “spray and pray” approach, attacking SMBs by the thousands, or even millions, with little time or investment required. Worse yet, it’s exceptionally difficult for SMBs to resume business as usual if they are attacked, with the U.S. National Cyber Security Alliance finding 60 percent of small companies are unable to sustain their business over six months after a cyberattack.   

The Critical Component Missing from the Cybersecurity Conversation

In its 2018 Data Breach Investigations Report, Verizon found that 58 percent of all cyberattacks target SMBs. Recovering from these attacks isn’t easy, particularly for growing businesses with limited resources. For instance, there are network vulnerabilities to repair, reputational brand damage to recover, data breach fines that may need to be paid, regulators who may need to be notified and employee training to conduct. It’s also extremely costly to recover post-breach. According to recent research from Cisco, 20 percent of SMBs pay between $1,000,000 and $2,499,999 to resolve a data breach.

Thankfully, technology companies continue to build security tools into their products which provide SMBs a much-needed layer of protection. However a critical missing ingredient in SMB cybersecurity is cyber insurance. Even with the most comprehensive cybersecurity solutions in place, employee negligence or errors will still occur that can wreak havoc on an SMB’s network security. Furthermore, security offered by just one technology solution does not cover all possible endpoints.  

Technology Companies Must Play an Active Role in the Adoption of Cyber Insurance

To ensure cyber insurance becomes a key component of SMBs’ overall cybersecurity strategies, the onus shouldn’t continue to fall on SMBs, nor should it fall entirely on insurance companies. Neither have the knowledge to fully understand the cybersecurity component and how that should be paired with insurance. As such, technology companies are in a unique position to affect cyber insurance adoption on a massive scale. Any technology provider that enables an SMB to grow digitally should recognize that providing cyber insurance is guiding them in the right direction. As a crucial capability, cyber insurance needs to be included in conjunction with sales processes and product usage, just as cybersecurity services often are.

Pairing cyber insurance with a technology offering that has a cybersecurity component represents a strong, proactive approach for SMB customers. Technology companies are in the unique position to drastically advance cyber insurance adoption as their underlying technology and security serves as the source of underwriting. In other words, since they’re already gathering data from their customers and therefore don’t require SMBs to provide any additional information, technology companies can significantly streamline the underwriting process and reduce friction when it comes to cyber insurance activation. Better yet, by embedding or providing an easy add-on for cyber breach insurance, technology companies can differentiate themselves from competitors, proving to SMB prospects that they recognize the importance of comprehensive cybersecurity and will work to fully protect their customers.

The Pervasiveness of Technology Requires Comprehensive Protection

Time is of the essence here. Technology companies need to embrace their duty to educate SMBs on the value of cyber insurance as a necessity and include it as an option in their service offerings along with cybersecurity tools and/or traditional product warranties. Remember, cyber insurance does not invalidate technology’s cybersecurity features, but rather protects against areas that security can’t control, like employee behavior or negligence.

 Cybersecurity vendors have long partnered with technology companies, so it’s time cyber insurance is included as a critical component of their customers’ overall security posture. By promoting the value of cyber insurance and making it easier for SMBs to incorporate, technology providers can increase their market share and bolster their competitive profile, and SMBs and their customers can rest assured their most critical assets are protected -- even in the event of a breach.