By Sarah Adams, cyber risk specialist at PolicyBee professional insurance brokers

Government research says nearly half of UK businesses suffered a cyber breach in the 12 months to February 2016. That suggests around 2.5 million businesses may have been hit - including a whole lot of SMEs.

So, the threat is real. But what actually happens during and after a cyber-attack? How can it affect your business? And how do you recover?

That depends on three things: the type of attack you've suffered, how reliant your business is on IT, and the preparations you've made for getting quickly back to business as usual.

Variety show

The different kinds of attack are as varied as the people orchestrating them, and can breach your systems through multiple routes. It can be as simple as a staff member clicking on a malicious link in a bogus email. Or hackers spotting an open door in an outdated operating system.

Once the attack's in progress, several things can happen. Your data may be stolen or held to ransom. Your files might be encrypted or wiped altogether. Your IT hardware could be damaged and your operating system corrupted. Or your website might be taken down.

Whatever's going on, the certain thing is that it will affect your business's ability to operate. And if you can't process vital data, interact with customers or fulfil the usual everyday functions, you'll be losing revenue. That makes it vital to get back on track quickly.

How you do that is something you need to think about before an attack happens.

So, does your business have an IT department that can contain the attack, fix all the systems, retrieve all the data and get everything back to normal in next to no time?

And even if it does, or you think you'll be able to call in quick-fire help from outside, what about dealing with ransom demands? What about the legal implications if you've had sensitive data stolen? Not to mention lost revenue and possible claims for damages.

Rescue plan

Cyber insurance is one way of making sure you've got the kind of backup to see you through an attack and deal with the fallout. Because it's not just about the attack itself. It's about surviving the damage it causes, and the dent to your bottom line.

Here's how cyber insurance deals with the potentially disastrous consequences of a cyber-attack:

  • Initially, it pays for IT expertise to crawl across your systems and find the source of the attack - so it can be stopped in its tracks and the security gap in your systems plugged.
  • Hardware and software may have been damaged, so it provides temporary kit while repairs are underway, and replaces anything that can't be mended. That goes a long way to helping your business survive.
  • If your files have been encrypted and there's a ransom demand to unlock them, it pays for expert advice on what to do. Negotiations with the hackers and the ransom sum are also covered.
  • If personal information has been stolen, you'll most likely face claims for breach of confidentiality. Cyber insurance provides the legal muscle you need to fight your corner in court, and covers all costs, as well as any damages awarded.
  • You'll need to contact everyone affected by a data breach. The Information Commissioner's Office also needs know about it, and may launch an investigation. Your policy pays for that too.
  • Once word gets out, your reputation can take a nosedive. Cyber insurance provides PR clout to minimise the damage.
  • Crucially, if the attack has stopped your business from trading as normal, you'll have lost revenue. Cyber insurance covers any lost earnings, and helps keep your balance sheet healthy until things get back to normal.

Be prepared

It's clear there's a lot to do in the wake of a cyber-attack and that trusting to luck and the magical power of it'll-never-happen-to-me won't really cut it. Dealing with an attack can mean costly downtime for your business and a financial kick in the teeth you might not recover from.

Get a quote for cyber insurance here or read more about cyber risk in our blog.