Here's why:

Big isn't better 

There have been, and continue to be, many stories about businesses and other organisations suffering a cyber-attack or data breach of some kind. The fact they happen isn't really news any more - the fact they happen to organisations of any size in any sector is the real worry.

What's clear is - and to paraphrase a little - the bigger they are the harder they fail. The IT departments at TalkTalk, Marriott, the NHS, British Airways, Facebook and so on will testify to that. The consequences of millions of private records made public are very expensive and catastrophically bad for PR.

So, if massive amounts of money, hundreds of people and the very latest tech security can't stop the world's biggest companies falling victim, what chance do the rest of us have?

Very little. And don't be thinking you'll live with the risk because hackers are only interested in the big boys, either. No one's too small.

Cyber-criminals think in terms of multiple gains - holding 100,000 small businesses to ransom by hacking and locking down their systems is potentially more lucrative than one attack on a large business. Making the ransom relatively affordable means it's more likely SME owners will reluctantly cough up, and getting through small business' firewalls and security measures in the first place is usually easier, too.

Cure not prevention

If past experience tells us almost any business is a potential cybercrime victim, it makes sense to do something about it. However, if that same past experience tells us there's almost no chance of actually preventing a cyber-attack, it makes more sense that ‘doing something about it' focuses on recovering from one instead.

Fine in theory, but where do you start? How much does a cyber-attack cost? What are the likely consequences of a breach? What will you have to do to keep your business up and running? Who can you go to for help? How long will you be out of action? And so on...

The good news is that cyber insurance [1] helps answer those questions.

Cover story

Like any insurance, cyber's job is making sure you're not out of pocket after an unforeseen event.

Here's how it works:

IT investigation. Step one of recovery is finding out what's happened. Cyber insurance pays for forensic IT experts to inspect and report back.

Hacker damage. Having to fix or replace computers, software, websites and so on following an attack is expensive. Cyber insurance covers these costs.

Ransoms. Even just a few thousand pounds can scupper a small business. Cyber insurance covers the ransom and pays for a specialist to negotiate and manage the situation for you.

Business interruption. Can you still trade without IT? Great if you can, potentially ruinous if you can't. Cyber insurance covers your lost income in the time you're out of action.

Solicitors. GDPR regs mean data breaches have legal implications. Getting legal advice so you know what to do and where you stand is expensive. Cyber insurance pays your bills.

Legal action. You're liable for your clients' personal data and you can be sued for not keeping it secure. If that happens, cyber insurance pays for a legal expert to defend you and picks up the tab for any compensation too.

Not all cyber insurance policies are equal, mind, so make sure yours covers what you need before you buy it. A good small business insurance broker [2] can help you with this.

Get the right cover, though, and it really can be a potential business saver.

For more info and a quote, call PolicyBee on 0345 222 5374 or visit policybee.co.uk/cyber-insurance [3] any time.