Skip to Main Content

Big or Small, Businesses Must Be Cyber-Ready

A survey conducted last year by the National Small Business Association (NSBA) found that 44 percent of small businesses had been the victim of a cyber attack. If that doesn't surprise you, consider these two other findings: 94 percent of small businessowners said they are very or somewhat concerned about cybersecurity, and 27 percent said they have little or no understanding of cybersecurity issues.

It's important to note that the term "small business" may be somewhat of a misnomer. The U.S. Small Business Administration has established two widely used size standards for small businesses: 500 employees for most manufacturing and mining industries and $7.5 million in average annual receipts for many nonmanufacturing industries. Of the more than 800 businessowners that responded to the survey, 16 percent reported annual revenue of more than $5 million, and 21 percent employed more than 20 people full-time.

Still, whether you're a major national chain such as Home Depot or a local pizzeria, the reality is the same: You don't need to be an expert to keep your computer system and confidential data safe. You just need basic training and solid plans in case you become the victim of a data breach.

You need to be wary of emails from people you don't know and for any correspondence from companies with offers that simply seem too good to be true. Most important, you need to be aware that hackers can penetrate even the most protected systems.

Fortunately, there are companies that can help. As you may already know, IDT911™ (IDentity Theft 911®) is the ISO Businessowners Program vendor of choice for data breach avoidance and remediation services.

A wide range of online materials offer guidance on cybersecurity. The Identity Theft Resource Center and Medical Identity Fraud Alliance are two that come to mind.


Shawn Dougherty

Shawn Dougherty is the assistant vice president of ISO's Specialty Commercial Lines Division. He is responsible for providing the overall direction, leadership, and client service for ISO's cyber liability (e-commerce), D&O (management protection), businessowners, crime and fidelity, financial institutions, employment-related practices liability, and professional liability (other than medical) insurance programs. He is also the ISO product manager for the Lloyd's Wordings Repository, an electronic database of policy wordings and clauses regularly used within the London market. Mr. Dougherty has worked at ISO since 1988.


You will soon be redirected to the 3E website. If the page has not redirected, please visit the 3E site here. Please visit our newsroom to learn more about this agreement: Verisk Announces Sale of 3E Business to New Mountain Capital.