In the past few weeks, cybercriminals launched high-profile ransomware attacks on two famous casino companies, MGM Resorts and Caesars Entertainment, intrusions that again remind us about the sensitive topic of cybersecurity. But these issues have been simmering, if not boiling, for the past couple of years.
MGM was forced to shut down operations, and told the SEC it suffered a $100 million earnings loss. The Las Vegas Review-Journal reported that Caesars had to pay $15 million to prevent the leak of stolen online data. Okta, a company that helps customers secure user authentication, said MGM and Caesars were among four of its customers attacked between July 19 and August 19.
In our ever-evolving digital age, business owners will increasingly face risks such as these, problems that weren't around even 10 years ago. According to the National Association of Insurance Commissioners, 50% to 75% of ransomware victims are small businesses.
Why? Because small businesses often spend less on security, thus making it easier for cybercriminals to hack their systems. Ransom demands are already incredibly costly, and they’re continuing to rise: The average demand increased 500% from 2020 to the first half of 2021.
Premiums for cyber insurance policies that cover ransomware payments are climbing as well, having seen double-digit increases every month in the first quarter of 2021. Since smaller businesses have less revenue leeway than larger businesses, the cost of a data breach may be detrimental.
Data company Statista writes: "As of 2022, the average cost of a data breach in the United States amounted to $9.44 million, up from $9.05 million in the previous year. The global average cost per data breach was $4.35 million in 2022."
The increased frequency and expenses of cyberattacks could put small to midsize businesses under, even if they have proper insurance. But there is one way to protect your business from such risks, and that’s by establishing a micro-captive insurance company.
These are also called 831(b) plans, named for that section of the tax code that allows your business to own and control its own small insurance company and cover risks traditional insurance can’t (or that are otherwise underinsured). These plans can be used to protect companies against cyberattacks, but also against reputational damage, supply-chain disruptions and other risks. Nearly 90% of the clients at my firm, SRA 831(b) Admin, opted for data breach policies this year.
Would A 831(b) Plan Benefit My Company?
In the face of rising cyber-threats and their staggering costs, the need for a robust and tailored risk management strategy is clearer than ever. An 831(b) Plan offers a compelling solution for smaller companies navigating this treacherous landscape.
Unlike traditional insurance options, these plans offer businesses a unique opportunity to create a customized risk mitigation strategy for the intangible assets of a business through tax deferred funds. It’s an ideal solution for businesses seeking a more comprehensive solution to protect what they worked so hard to build, allowing a business owner to sleep better at night.
Van Carlson is the CEO and founder of SRA 831(b) Admin.