Skip to Main Content

Cyber Security

Does your small business qualify for cyber insurance? New self-assessment tool to help you learn what insurers may look for.

Oct 27, 2023 | By: Liam McGuinty, Vice President, Strategy, Strategy / Consumer & Industry Relations, IBC
Does your small business qualify for cyber insurance? New self-assessment tool to help you learn what insurers may look for.

Over the last few years, cyber attacks have been frequently been appearing in the news. Recent high-profile cases include Indigo Books & Music, Sobeys parent company Empire Co. Ltd, and Barrick Gold Corp. While large companies may seem like common targets for cyber criminals, small and medium-sized businesses (SMEs) are also at risk—even if they’re less likely to make the headlines.

As cyber threats continue to evolve, SMEs need to know more about cyber resilience and think about whether cyber insurance is right for them. Cyber insurance can help protect businesses against losses related to personal data security breaches, cyber extortion, technology disruptions and more. As most property or liability policies don’t expressly cover cyber risks, or have very limited coverage, you may want to consider getting a stand-alone cyber insurance policy for your business, along with taking preventative measures.

IBC has been supporting businesses’ efforts to increase their cyber resilience and to understand risk mitigation measures such as cyber insurance through its annual Cyber Savvy public education campaign. This year, the campaign features a self-assessment tool for SME owners considering a cyber insurance policy. This 10-question assessment can help business owners learn about the cyber security protocols and best practices that most cyber insurers look for when assessing risk and poses some of the questions that cyber insurers may ask during the application process.

For example, owners will be asked to consider:

  • Their cyber risk,

  • If they collect and store customers’ personal information

  • What security procedures they have in place, and

  • How frequently their employees receive cyber safety training.

These questions are similar in nature to what a business owner might see on a cyber insurance application. Depending on the answers, the questions will direct users to appropriate cyber resources for more information. Some businesses may find that they’re ready to apply for cyber insurance while others may need to work on improving their risk profile. It is important to note that this free tool cannot provide an actual risk assessment for SMEs, but it can help gauge the level of readiness for cyber insurance and help determine which areas businesses may need to focus on to bolster their cyber resilience.

The 2023 Cyber Savvy campaign also includes new research on small business owners’ cyber awareness, building on the previous year’s research, which focused on educating employees on cyber hygiene. The cyber insurance self-assessment tool, 2023 research, and other resources including information from the Canadian Centre for Cyber Security are available at www.cybersavvycanada.ca.

All businesses and organizations, but especially those that rely heavily on an online presence and use e-commerce, should consider contacting their insurance representative to make sure they have the right coverage for their organization to help reduce their risk from cyberattacks. However, cyber insurance is just one component of an overall cyber risk mitigation strategy – it is not a replacement for cyber resilience.

If you have a question about cyber insurance, phone IBC’s Consumer Information Centre at 1-844-2ask-IBC (1-844-227-5422)

About This Author

Liam McGuinty is VP, Strategy at Insurance Bureau of Canada. In this role, Liam focuses on advancing strategies and responding to issues that are pan-Canadian in nature. He also leads IBC’s strategic and corporate planning process. Previously, Liam served as IBC’s VP, President’s Office where he supported the CEO in advancing IBC’s strategic and operational priorities. He previously worked at Deloitte and the Ontario Chamber of Commerce, and has a Master in Public Policy from the University of Toronto.