Why? Because it’s not a matter of “if” but “when” your company has a data/security breach. Let’s take a look at some of the research:

95% of Breaches are Caused by Human Error. 

Source: IBM’s 2014 Cyber Security Intelligence Index

But, if you think most data breaches are due to malicious insiders, you’d be wrong. Forrester found that only 12% of security incidents are caused by disgruntled employees with mal-intent. Whereas, a whopping 27% of security breaches were caused by employees’ inadvertent misuse of data.

This means that if your company does experience a security breach, it’s 2x as likely to be perpetrated by a reliable employee rather than a disgruntled worker.

In short, your best employees could also be your greatest risk.

Source: Forrester report finds most data breaches are caused by employees, John E. Dunn, PC World, September 24, 2012.

60% of SMBs Go Out of Business Within 6 Months of a Data Breach 

Source: National Cyber Security Alliance Study

As an SMB, protecting against internal vulnerabilities is important because 50% of companies that experience a data breach fold within six months. Your business can’t afford to be without checks and balances to ensure internal risks are minimized.

Source: The Need for Greater Focus on the Cybersecurity Challenges Facing Small and Midsize Businesses, Louis A. Aguilar, The U.S. Securities and Exchange Commission, October 19, 2015.

So then, I recommend speaking with your insurance provider about cyber insurance ASAP as part of your company’s cyber resilience, business continuity, and disaster recovery process.