Echelon Insurance


What is Ask the Experts?

Insurance and risk professionals share practical advice to elevate your expertise, strengthen your strategies, and help you grow. Have a question? Please email annachristina@newcom.ca. Canadian Underwriter journalists are not involved in writing these articles.

Paid Content

How can brokers support customers in mitigating cyber risk?

By Echelon Insurance | November 17, 2025 | Last updated on November 13, 2025
Everett McCallum, Director, Technical Risk Services, Echelon Insurance

Canadian businesses, regardless of size, are facing a surge in cyber threats. In 2023 alone, one in six businesses in Canada fell victim to a cybersecurity incident, exposing them to the potential for financial losses, reputational damage, legal liability, and operational disruptions. Cyberattacks are growing in both frequency and sophistication, with the average cost of a data breach in Canada now surpassing $6 million, according to a recent IBM report. In today’s volatile digital landscape, businesses must go beyond reactive measures and adopt a proactive approach to cybersecurity. Brokers are uniquely positioned to guide business owners through today’s complex risk landscape. By helping clients understand emerging cyber threats, implement preventative strategies, and secure the right coverage, brokers play a key role in building long-term resilience for Canadian businesses.

Common cyber threats businesses face

The spectrum of cyber threats is broad and constantly shifting. Some of the most prevalent types include:

  • Malware, including ransomware, spyware, and worms, can steal or destroy data and shut down systems.
  • Phishing, whether through emails, texts (SMiShing), or voice calls (Vishing), is designed to deceive employees into handing over credentials or clicking malicious links.
  • Denial of Service (DoS) attacks overload a company’s networks, causing operational shutdowns.
  • Website defacements and QR-code-based ‘quishing’ are newer tactics that disrupt branding and redirect users to dangerous sites.

Each of these threats can seriously compromise a business’s systems, data, and reputation.

Prevention starts with awareness and action

Many small and medium-sized businesses commonly believe they’re too small to be targeted. However, their limited information technology (IT) resources make them prime candidates for an attack.

Business owners should consider adopting core cyber hygiene practices, including, but not limited to:

  • Regular data backups and encryption.
  • Automatic patching of software and devices.
  • Anti-virus and firewall protections.
  • Two-factor authentication.
  • Employee awareness training, especially on identifying suspicious emails or links.

Mobile devices, portable media, and cloud services also require proper security and monitoring. Business owners should ensure strong access control policies are in place, which includes regularly evaluating who or what systems have access to their data.

Response and recovery planning

Even with robust safeguards, no business is entirely immune to cyberattacks. That’s why having a cyber incident response plan is just as important as prevention. Business owners should consider the following strategies as part of their cyberattack response plan:

  • Establish a process to identify and prioritize critical systems and data.
  • Create a cross-functional incident response team.
  • Develop clear communication protocols for internal and external stakeholders.
  • Monitor systems for early warning signs of an attack, such as unusual logins or changes to files.

Recovery plans should be regularly updated to include timelines, testing protocols, and procedures for returning systems to full operational status.

The role of cyber insurance

Beyond covering direct financial losses from cyberattacks, strong policies can also provide access to expert support in the event of an incident, from IT forensics to legal counsel and public relations.

Brokers play an important role in ensuring that their customers not only have appropriate coverage but also understand what their coverage entails. Together, brokers and their customers should discuss potential gaps, clarify policy terms, and walk customers through scenarios to ensure their operations are adequately protected.

When evaluating their needs, business owners should work with their broker to consider incident response and recovery costs, data breach liability, business interruption losses, and cyber extortion (also known as ransomware).

How can brokers help support business owners in mitigating cyberattacks?

Brokers don’t need to be cybersecurity experts to make a meaningful impact on risk mitigation. Simply starting the conversation about a business’s cybersecurity needs can go a long way. Brokers should work collaboratively with insurers to leverage loss prevention expertise and educational materials to support their customers in understanding the myriad of cyber threats and proactive strategies to mitigate an attack. Brokers can also help identify comprehensive coverage options that align with their customers’ unique needs when reviewing insurance needs annually or more regularly as needed.

As cyber threats become more aggressive and sophisticated, ensuring that commercial customers have a robust cyberattack response and mitigation plan, access to education, and coverage tailored to their unique needs can significantly reduce their exposure.


Copyright © 2025 Echelon Insurance. All rights reserved. This guide is provided by Echelon Insurance (“we”) for general information purposes to help Brokers and their commercial customers understand the types of cyber security risks they may be exposed to and how they may enhance their protection and loss prevention. While we endeavour to be accurate and up to date, this information is provided “as is” and we cannot guarantee it is complete or that implementing the recommended loss prevention measures will have the desired results.

® Registered trademark of Echelon Insurance.
