Is Your Business Cyber Resilient? I.I.I. Offers 7 Ways Businesses Can Reduce Their Risks

October is National Cybersecurity Awareness Month


For immediate release
I.I.I. Press Office: (212) 346-5500;  

NEW YORK, October 8, 2019 –Cyberattacks which result in data breaches pose financial and reputational risks to businesses yet there are cost-effective ways to reduce cyber risks, according to the Insurance Information Institute (I.I.I.). 

The cost of data breaches worldwide for businesses of all sizes could cumulatively grow to $5 trillion in 2024 from around $3 trillion today, according to a report released this year by Juniper Research. Those dollar amounts reflect not only lost income but also the payment of data breach-related regulatory fines, the report noted.

Given that October is National Cybersecurity Awareness Month, the I.I.I. offers U.S. businesses these seven tips for improving their cybersecurity and averting data breaches.

  1. Understand your cyber risks. Businesses are vulnerable to cyberattacks through hacking, phishing, malware, and other methods. 
  2. Train Staff. Those engaged in cyberattacks find a point of entry into a business’ systems and network. A business’ exposure can be reduced by having and enforcing a computer password policy for its employees.
  3. Keep Software Updated. Businesses should routinely check and upgrade the major software they use.
  4. Create back-up files and store off-site. A business’ files should be backed up either as an external hard drive or on a separate cloud account. Taking these steps are vital to data recovery and the prevention of ransomware. Ransomware is when a cyberattack results in a situation where a business is asked to pay a fee to regain access to its own data.
  5. Ensure systems have appropriate firewall and antivirus technology. A business should evaluate the security settings on its software, browser and email programs.
  6. Establish a Data Breach Plan. A business should remind its employees to review periodically the data breach detection tools installed onto their computers. If a data breach occurs, employees must notify the business immediately to prevent further loss.
  7. Protect your business with insurance coverage designed to address cyber risks. Cyber insurance coverage typically provides protection for costs associated with data breaches and ransomware.  


When businesses are in the market for a cyber insurance policy, or looking to renew an existing one, these are the risks which ought to be considered, according to the I.I.I.

  • Liability—A business may be liable for costs incurred by its customers and other third parties as a result of a cyberattack or other Information Technology (IT)-related incident.
  • System recovery—A business would need the financial resources either to repair or replace its computer systems or lost data.
  • Customer Notification—In several states, businesses which store customer data must notify customers if a data breach has occurred or even if one is just suspected to have happened.
  • Regulatory fines—If a data breach results from a business’ failure to meet federal or state compliance requirements, the business may incur substantial monetary fines.
  • Class action lawsuits—Large-scale data breaches have led to class action lawsuits filed on behalf of customers whose data and privacy were compromised.


Infographic: Cyberrisk Insurance: Growing Risks, Emerging Markets
White Paper: Helping Consumers Understand The Value of Cyber Insurance (2018), Cyberrisk: Threat and Opportunity (2016)

The I.I.I. has a full library of educational videos on its YouTube Channel. Information about I.I.I. mobile apps can be found here.


Insurance Information Institute, 110 William Street, New York, NY 10038; (212) 346-5500;

Back to top