
After years of reviewing cyber claims across industries, I can tell you this with confidence: most cyber losses are preventable.
Not all of them. But many of them. Cyber insurance is essential today, but it should be the backstop, not the first line of defense. The businesses that avoid major cyber events are not necessarily the biggest or the most sophisticated. They are the most disciplined.
Here are practical, real-world steps business owners can take right now to reduce the likelihood of a cyber loss.
1. Strengthen the Human Firewall
The majority of cyber breaches begin with one simple event: someone clicks a bad link.
Phishing emails, invoice scams, wire fraud schemes, and credential harvesting attacks are increasingly sophisticated. They often look legitimate. They use real company logos. They mimic vendors or leadership. Your employees are your first and most important line of defense.
Practical steps:
- Conduct annual cyber awareness training
- Run simulated phishing tests
- Require strong password policies
- Prohibit password sharing
- Establish clear verification procedures for wire transfers
One simple policy I strongly recommend:
No wire transfer or payment change is processed without verbal confirmation using a known phone number. That one control has prevented countless losses.
2. Implement Multi-Factor Authentication Everywhere
If I could require one control for every business I advise, it would be multi-factor authentication (MFA). MFA significantly reduces the risk of unauthorized access even if passwords are compromised.
It should be enabled on:
- Email accounts
- Remote desktop access
- Cloud-based systems
- Payroll platforms
- Banking portals
- Administrative accounts
Many ransomware claims begin with compromised remote access credentials. MFA closes that door in many cases. This is no longer optional. Most cyber insurers now require it, and for good reason.
3. Backups That Actually Work
I have seen businesses assume they were protected because “we back up our data,” only to discover during a ransomware attack that:
- Backups were not recent
- Backups were connected to the network and encrypted
- Backups could not be restored
A proper backup strategy includes:
- Daily automated backups
- Offline or immutable backups
- Regular testing of restoration
- Clear documentation of recovery procedures
The question is not whether you back up data. The question is whether you can restore it quickly and confidently.
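A restoration test of the kind described above, added here as an example and not part of the original article: it records a per-file hash and creation time for a backup set, restores it, and flags the failure modes named above (backup not recent, files missing or altered after restore). The manifest layout, file names and contents are constructed for illustration.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timedelta, timezone


def sha256_of(path):
    """Hash a file in chunks so large backup files need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(backup_dir, created):
    """Record what the backup contains: creation time plus a hash per file (hypothetical format)."""
    files = {n: sha256_of(os.path.join(backup_dir, n)) for n in sorted(os.listdir(backup_dir))}
    return {"created": created, "files": files}


def verify_restore(manifest, restored_dir, now, max_age=timedelta(hours=24)):
    """Return findings; an empty list means the backup is recent and restored intact."""
    findings = []
    if now - manifest["created"] > max_age:
        findings.append("stale backup: created " + manifest["created"].isoformat())
    for name, expected in manifest["files"].items():
        path = os.path.join(restored_dir, name)
        if not os.path.isfile(path):
            findings.append("missing after restore: " + name)
        elif sha256_of(path) != expected:
            findings.append("content mismatch after restore: " + name)
    return findings


def demo():
    """Constructed scenario: a clean daily restore, then a stale backup with a damaged restore."""
    now = datetime(2024, 5, 2, 8, 0, tzinfo=timezone.utc)
    sample = {"ledger.csv": b"acct,amount\n1001,250.00\n", "payroll.db": b"\x00\x01rows"}
    with tempfile.TemporaryDirectory() as d:
        backup, restore = os.path.join(d, "backup"), os.path.join(d, "restore")
        os.makedirs(backup)
        os.makedirs(restore)
        for name, body in sample.items():
            for folder in (backup, restore):  # write the source and simulate a clean restore
                with open(os.path.join(folder, name), "wb") as f:
                    f.write(body)
        manifest = build_manifest(backup, now - timedelta(hours=6))
        good = verify_restore(manifest, restore, now)
        manifest["created"] = now - timedelta(days=9)           # backup not recent
        os.remove(os.path.join(restore, "payroll.db"))           # file did not come back
        with open(os.path.join(restore, "ledger.csv"), "ab") as f:
            f.write(b"corrupt")                                  # file came back altered
        bad = verify_restore(manifest, restore, now)
    return good, bad
```

Run `demo()` on a schedule against a real restore into a scratch location; a non-empty findings list is the signal that the backup would not carry the business through an incident.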
4. Limit Access and Segregate Systems
Not every employee needs access to every system.
The principle of least privilege reduces exposure. If a breach occurs, limited access prevents the attacker from moving freely throughout the network.
Key controls include:
- Separate administrative accounts
- Role-based access permissions
- Network segmentation
- Immediate removal of former employees' credentials
Many cyber claims worsen because former employees still have active access.
5. Patch and Update Promptly
Outdated software is one of the most common entry points for attackers.
Operating systems, firewalls, antivirus software, and applications must be regularly updated. Known vulnerabilities are widely exploited once discovered. Businesses that delay updates often become easy targets. Create a schedule. Assign responsibility. Document completion.
6. Develop a Cyber Incident Response Plan
One of the biggest financial impacts in a cyber loss is delay.
When a breach occurs, confusion increases cost.
A strong incident response plan should identify:
- Who to contact immediately:
  - Legal counsel
  - IT response team
  - Cyber insurance carrier
- Communication protocol
- Media response procedures
The first 24 hours matter tremendously. Even small businesses should have a written response outline.
Why This Matters
Cyber criminals are not just targeting large corporations. They target businesses that are accessible, unprepared, or underprotected.
The goal is not perfection. The goal is resilience.
Strong internal controls:
- Reduce the likelihood of a breach
- Lower the severity of a claim
- Improve insurability
- Help negotiate better cyber insurance terms
Insurance carriers are underwriting cyber risk more aggressively than ever. Businesses that demonstrate strong controls are rewarded with broader coverage and more stable premiums. Cyber insurance is critical. But prevention is more powerful.
If you are unsure whether your business would withstand a ransomware event, phishing scam, or wire fraud attempt, now is the time to evaluate your controls.
The best cyber claim is the one that never happens.
