October 22, 2021
There is an issue we have seen time and time again – business owners do not understand or appreciate their cyber risk and they remain overconfident about their ransomware risks.
According to a recent article citing an Embroker report published in Carrier Management, business owners remain” vastly overconfident about both their risk for ransomware attacks and insurance they have in place to prevent them”. The report further goes on to state that 63% of small and medium sized business owners believe they are not at risk for a ransomware attack.
When an agent encounters clients who are overconfident, misinformed, or lack knowledge, are these agents in the best position to set their clients straight? In a relationship-driven business, it can be difficult to “call out” the overconfident culprit – sometimes it is just easier to move on to the next more profitable coverage.
Overconfidence may now be a bigger problem than complacency. Recently Raef Meeuwisse wrote in Infosecurity Magazine that “all organizations now want agility. They want innovation. They want to work from home, fix servers from thousands of miles away or ditch servers entirely, release updates to critical applications on a daily basis — and they want to do all of it as quickly and inexpensively as possible.” It seems the tide is turning, and now there are longer lists of desired capabilities than ever before.
Most small and medium sized businesses have real cyber vulnerabilities or exploitable technology risks. Identifying and communicating these risks in language that SMBs (and their agents) understand, is vitally important to making them more resilient. Sometimes, having impartial professionals setting clients straight in jargon-free, clearly articulated methods is the way to get the best business outcomes. Complacency and overconfidence remain problematic in the industry.