PSA’s Cyber Specialist Mike Volk featured in AHA! Business Radio Show

Posted in: News

More than 85 percent of small business owners understand that their organizations are not safe from cyber-attacks—but many small businesses are ill-equipped to protect themselves. How can cyber risk impact your business? Where to begin to protect your organization? What resources are available?

PSA’s cybersecurity insurance expert, Mike Volk recently appeared on the AHA! Business Radio Show to answer these questions. He was also joined by Stacey Smith, Executive Director of Cybersecurity Association of Maryland Inc, and Angie Barnett, President of Better Business Bureau of Greater Maryland.

“I enjoy figuring out how to identify and leverage resources to creatively solve cybersecurity challenges for businesses,” says Volk. “I want to educate small businesses about the potential detrimental impacts of cyber risks as well as connect them with the resources they need to protect themselves,” Volk says. “Many owners are either overwhelmed or don’t know where to start—I want to help them.”

Impacts of cyber risks

As a current CAMI board member and active participant in the cybersecurity community, Volk explained that when looking at cyber risk in the context of cyber insurance, there are typically four major impacts businesses should consider:

  1. Liability to others – failure to protect confidential, sensitive or private information that belongs to another party (for instance your clients, and business partners); or failure to prevent the spread of a cyber incident that impacts another party, which may expose your organization to legal or regulatory actions.
  2. Your direct expenses – as a result of a cyber incident, you can face a number of costs some of which include credit monitoring, notifications, cyber forensics, legal fees as well as IT consulting expenses to restore your computer systems.
  3. Business interruption – even if your organization does not store sensitive data, you are most likely reliant on some type of technology, software or application to run your operations. A cyber event that impacts your essential systems or business applications could cause a significant disruption that results in lost income.
  4. Theft – cybercriminals are not only after your data, they’re after your money too. They may use hacking techniques to gain unauthorized access into your computer systems to steal money electronically. This could happen through phishing emails to deceive employees into willfully giving up information, such as account numbers and passwords, or tricking them into making fraudulent wire transfers.

“If a breach happens, less than 35% of companies could sustain their business with a loss of their assets, which includes their clients’ information as well,” says Angie Barnett. Therefore, it is critically important for businesses to assess what data they have and determine the costs of protecting and losing that data. “And this is where experts like Mike Volk comes in,” notes Barnett.

Barnett also explained that according to a recent study, the majority of small business are not cyber-safe. 28% of surveyed also claimed the reason they were not cyber-safe was due to their lack of resources, their perception of the costs of insurance and other risk management practices outweighing what they would lose, which is very far from the truth.

Need a Comprehensive Cyber Policy?

Get a Cyber Insurance quote under 3 minutes.

So what can you do to protect your business?

“First, you need an organization leader as a cyber champion who makes cybersecurity a top strategic priority. Second, you need a budget. And third, you need to know what you are protecting,” Volk explained. As a starting point, you can follow the guidelines of the publicly available NIST cybersecurity framework.

Barnett added that as part of a sound cyber risk management strategy, you can implement a very affordable practice – internal phishing emails. As a teachable moment, you can send your own employees bogus phishing emails to test their awareness and understanding of cyber threats. Then you can design employee training around the vulnerabilities you have discovered during the testing to minimize your cyber exposures.

A new cybersecurity resource

Stacey Smith noted that in addition to having access to about 400 cybersecurity product and service providers, small businesses now can also benefit from the recently passed Maryland Cybersecurity Incentive Tax Credit legislation. Under the bill, small businesses, with fewer than 50 employees, that purchase cybersecurity products and services from qualifying MD businesses receive a state income tax credit equal to 50 percent—up to a maximum of $50,000.

For more valuable information about steps you can take to protect your business and the type of cybersecurity resources available to your organization, listen to the full radio interview.

Listen Here

About PSA

We are the region’s leading insurance broker and risk management firm. As your trusted partner, we delivering tailored employee benefits, HR consulting, business and personal insurance solutions designed to help you accomplish your business and financial goals.

About CAMI

The Cybersecurity Association of Maryland, Inc. (CAMI) is a statewide, nonprofit organization established in 2015 to generate sales and jobs through Maryland’s cybersecurity industry. CAMI is Maryland’s only organization dedicated 100% to the growth of Maryland’s cybersecurity industry.

About BBB Greater Maryland

BBB helps people find and recommend businesses, brands, and charities they can trust.