emergency
General Business

Preparing for Emergencies

As weather and cyber-related disasters are on the rise, businesses need to be prepared.

According to the NOAA National Centers for Environmental Information (NCEI), the US has sustained 391 weather and climate disasters since 1980 where overall damages/costs reached or exceeded $1 billion (including CPI adjustment to 2024). The total cost of these 391 events exceeds $2.76 trillion.

At press time, there have been 15 confirmed weather/climate disaster events in 2024 with losses exceeding $1 billion each. These events included 13 severe storm events and 2 winter storm events. Overall, these events resulted in 106 deaths and had significant economic effects on the areas impacted.

The Small Business Credit Survey revealed that more than 1 in 10 small businesses suffer losses from a natural disaster in a given year, and those affected are often left in worse financial condition than unaffected businesses. In fact, according to FEMA, 40% of businesses never reopen after a disaster.

Unfortunately for businesses, the threat of disaster is not limited to the physical realm, as devastating cybercrime is also on the rise.

The global cost of cybercrime is forecasted to jump to $23.84 trillion by 2027, up from $8.44 trillion in 2022, according to estimates by Statista.

According to IBM, the average amount of money lost by businesses as a result of cybercrime in 2023 was $1.3 million. Across all industries, the average cost of a data breach was $4.45 million, with the healthcare industry facing the highest average data breach cost at $10.93 million.

Finally, an estimated 90% of cybersecurity breaches worldwide occur in small businesses, and, according to UK cybersecurity firm StationX, 73% of US small business owners reported a cyber attack last year. 

Assessing Your Risks

While some emergencies can be prevented – many cannot – it is imperative that businesses are properly prepared should disaster strike. 

“Every business has unique vulnerabilities and weaknesses, and knowing which disasters are most likely to affect your business can help you to return to operations faster,” says Mark Ihenacho, public affairs manager for the US Small Business Administration’s Disaster Field Operations Center East. He adds that you should focus on disasters that pose a realistic risk to your small business.

“The most common types of emergencies are fire-related hazards, technology-related hazards (cyber attacks, power outages, equipment failures, etc.), and natural hazards (severe weather),” Arjay Pedalino, NJM Insurance Group vice president, commercial lines, tells New Jersey Business Magazine. “In recent years in particular, we have seen a significant increase in weather related events.”

Pedalino suggests businesses regularly assess their risks and ensure they have the right insurance coverage. The best way to do this is to speak with an independent insurance agent who understands the risks unique to a business or industry.

In terms of cyber threats, Doug Vargo, vice president and emerging technologies practice lead for CGI, says that businesses should speak with security consultants or even hire a security engineer if the business is large enough to support one.

“A thorough risk analysis should be completed to determine your [business’s] weakest points and threats,” Vargo says. “From there, companies have the ability to assess risks and determine if they should implement solutions, or accept those risks as a part of doing business. The main goal is to know your risks and attack surfaces so that you can make better decisions.”

Develop a Response Plan

Once the disaster risks that are most likely to affect your business have been identified, it’s time to develop a response plan. 

“An emergency preparedness plan can help to mitigate the risk of any losses,” Pedalino says. “For example, installing storm shutters on windows, moving key appliances to higher levels, removing dead trees from the property, and anchoring large furniture to wall studs can help prevent or reduce damage from a strong storm. Evaluating the need for back-up power sources before a severe weather event can also help businesses recover quickly from a large weather event.”

Protecting Against Cyber Threats

Human error is one of the biggest culprits when it comes to falling victim to cyber crime, so diligence is the key to prevention. According to Verizon’s 2024 Data Breach Investigations Report, 68% of data breaches involved a non-malicious human element, like a person falling victim to a social engineering attack or making an error.

As such, employee cybersecurity training can go a long way in keeping cyber threats top-of-mind within your organization.

Jeremy Pogue, director of security services for Integris, says that aside from user training, having even one layer of back-end protection is still beneficial, especially given how many companies don’t implement any such defenses.

“It is a path-of-least-resistance situation if I am an attacker. The difference between 12 and 15 layers of protection is a small percentage of improvement, whereas going from zero to one layer of protection is a 100% improvement. Adding in simple protections like email filtering, antivirus and web filtering can go a long way, even if you don’t have huge multi-layer protections like larger companies,” he says.

Insuring Against Disaster

“Business owners should insure against risks they cannot pay for on their own,” Pedalino says. “When reviewing insurance options, a business should consider how exclusions and special limits might reduce the amount of coverage available. For example, business property insurance does not include coverage for flood damage. If your business is in a flood zone, you should obtain flood insurance through the National Flood Insurance Program to protect against this risk.

“After a loss, collect business records, document any damage or injuries, and make temporary repairs to secure your property or to prevent further damage. Always check with your insurer before removing debris,” he says.

While it is impossible to be 100% protected from a disaster, there are steps that businesses can take to mitigate the damages – both physical and digital – if they are properly prepared.

Emergency Checklist

  • Learn where to seek shelter from all types of hazards.
  • Back up your computer data systems regularly.
  • Decide how you will communicate with employees, customers and others.
  • Use devices that do not rely on electricity as a backup to your telecommunications system.
  • Collect and assemble a disaster supplies kit. Include a portable generator.
  • Identify the community warning systems and evacuation routes.
  • Include required information from community and school plans.
  • Practice and maintain your plan.

Source: The IRS guide on preparing your business for a disaster and the Federal Emergency Management Agency (FEMA) emergency preparedness checklist and toolkit

To access more business news, visit NJB News Now.

Related Articles: