THE worldwide WannaCry cyber attack wreaked havoc last month, spreading rapidly to infect 200,000 organisations in 150 countries.

The impact was significant and costly, and has led many businesses to question what more they can do to protect their data.

From an IT perspective, there are many steps an organisation can take to protect itself from cyber attacks, but should the worst happen there is one safeguard that is often overlooked.

Petersfield-based insurance brokers Robison & Co has received a number of enquiries since the attack, regarding a relatively new type of insurance policy pertaining specifically to cyber insurance, which offers protection from the costs relating to damage to or loss of information from IT systems and networks.

Simon Gubbins, managing director at Bedford Road-based Robison & Co, said: “Regardless of the size of your business, your IT infrastructure is the backbone of daily operations and if something goes wrong you could be exposed to large losses in income, reputational damage, and expensive staff down time.

“While existing policies such as professional indemnity insurance exist and may provide some elements of cover against cyber risks, we’ve found that increasingly businesses are choosing to take out specialised cyber insurance policies.”

Cyber risk policies fall into first party and third-party risks and businesses can choose a policy that covers either or both. First party covers loss of or damage to digital assets, business interruption, ransomware attacks, theft of money and reputational damage. Third party policies cover the assets of your customers, including loss of data and security and privacy breaches.

Mr Gubbins continued: “The average cost of a cyber-security breach is £600,000 to £1.15m for large organisations and £65,000 to £115,000 for small and medium-sized businesses. Data loss or breach could be critical for many businesses, so it doesn’t pay not to have insurance against this type of threat.

“Many policies include technical assistance with managing a breach, aiding a quicker recovery and providing added peace of mind in the event of an incident. We’d advise always getting some professional advice before taking out cyber insurance, just to make sure you’re getting an adequate level of cover for your business needs.”

However, Robison stresses that although a robust cyber insurance policy will help your business survive an attack, it is not a panacea and prevention begins with understanding and managing the risks as part of your everyday business culture and process.

To this end, businesses are advised to run regular updates on their network security and enrol on the Government’s Cyber Essentials Scheme, which provides a framework of steps to protect your business and awards Cyber Essentials certification, offering assurance and peace of mind to your customers.

Robison & Co is a Hampshire-based, owner-managed insurance brokerage, offering advice on all areas of business and personal insurance as well as independent financial advice on investments, mortgages and pensions.