Protect Your Business with a Solid Backup Strategy

Tools + Intel.

CRC Specialty's Tools + Intel spans a diverse spectrum of industry issues to keep you and your clients informed. This is truly news you can use, coupled with the latest exclusive programs, featured tools, links to compelling news stories, and more.

Subscribe +
REDY Index Claims Advocacy Property Casualty ExecPro Transportation Healthcare
Protect Your Business with a Solid Backup Strategy Post Image

Protect Your Business with a Solid Backup Strategy

October 20, 2025

Cyber

Cybersecurity

ExecPro

Professional

October is Cybersecurity Awareness Month, a timely reminder that protecting data is essential for every organization. While backups alone can’t prevent a cyberattack, they’re a critical part of a strong business continuity plan, helping ensure a company can recover quickly and keep running when the unexpected happens.

One doesn’t have to look farther than the daily news to learn that cyberattacks are a top concern within the business world. Cyberattacks saw significant growth in 2024, with a notable increase in both the frequency and sophistication of attacks.2 In addition, emerging 5G and AI technologies as well as expanding coordination among cyberattack groups makes it clear that backing up data is essential to protecting businesses participating in today’s digital economy.

Companies of all sizes gather and produce large amounts of data, including customer data, employee information, or systems data, and losing any of it can potentially cripple a business. While large-scale breaches of big corporations are most visible in the news, no business is immune to the risk. In fact, malicious actors often see smaller businesses as easy targets because their security measures often aren’t as robust.3

BACKUP BEST PRACTICES Backup key systems and databases Use segregated/air-gapped backups Utilize robust, unique backup credentials stored separately Test off-site or cloud backups routinely. Source 1. BIGGEST BACKUP MISTAKES Not storing backup data at a separate physical location Failing to regularly audit backup processes to ensure effectiveness Allowing protected servers to access backup systems Relying on only one backup approach. Source 4.

WHY IS DATA BACKUP IMPORTANT FOR A BUSINESS?

Smart businesses strive to avoid cyber incidents with a proactive approach that focuses on strong network security, but unfortunately, preventive measures don’t always work. While backing up data won’t protect a business from a cyberattack, it’s an essential component of any strong business continuity plan, ensuring that the company has the ability to restore systems and data. According to a recent report, roughly 85% of ransomware attacks target small businesses, and the consequences of small business ransomware attacks are severe. Most smaller companies can’t operate during a ransomware attack. Many also don’t have an incident response plan in place or do not test it regularly. The high cost of recovering data along with business interruption costs means that up to 60% of small businesses fail after a successful cyberattack. Backups should be a vital part of any businesses’ risk management plan because they help protect a business in the event of hardware failure, human error, natural disaster, or power failure, ultimately saving the company both time and money.6

WHAT SHOULD BE BACKED UP AND HOW OFTEN?

When it comes to the question of what needs to be backed up, the shortest answer is — everything, because as cybercrime evolves it can be difficult to know what information attackers are targeting. Businesses generate data with almost every organizational process vital to supporting operations, including monitoring financial health and maintaining customer relationships. For example, website interactions guide sales and marketing, digital communications facilitate responsive customer service, and financial information helps stakeholders monitor the bottom line. When you consider the big picture, that means a variety of data should be backed up in order to quickly restore operations when needed.3

Just as crucial to backing up all vital data, is the frequency of backups. Most experts agree that a full backup should be completed at least weekly. However, if a business engages in a high volume of transactions, then it may be wise to back up transactions daily. In reality, the frequency of required backups should be dictated by how often data changes. Businesses can save both time and effort by utilizing data backup software to automatically update as needed. Those unsure how to implement automatic backups will find that there is usually a relatively straightforward approach through commonly available vendors. Cyber insurers can also help recommend vendors, and many have partnerships available.

As the cyber landscape evolves, cyber insurance coverage applications are asking for more specific information about the frequency and extent of backup practices. At this point, underwriting often just wants to see that clients are performing regular backups; however, the more frequently backups are performed, the lower an insured’s risk. Different vendors offer various backup solutions, including full, incremental, and differential backup options. A full backup is exactly what it sounds like: a complete copy of all data, which requires a substantial amount of time, effort, and storage space. Incremental backup plans are often a good middle ground for many businesses, because they require less time and effort by only backing up data that has changed since the previous backup. Similarly, differential backups only include data that has changed since the last full backup.5

Cybercrime isn’t the only cause of data loss. Human error contributed to 95% of data breaches in 2024. Source 7.

THE BACKUP IS COMPLETE... NOW WHAT?

Backing up is the foundational first step to ensuring a business can recover if the worst happens. Once backed up, data should then be housed externally, either in the cloud or locally on a separate drive that is detached from the operating system. Finally, insureds should test backup integrity regularly because if data is inconsistent or inaccurate, it’s useless just when it’s needed most. Quarterly tests are a common best practice, providing reassurance that backups work as expected to properly restore data and confirm that data is being backed up at the designated interval.

BOTTOM LINE

Every business owner should implement backup best practices to protect their important data. Agents can help encourage clients to protect themselves by starting the conversation well in advance of renewal and educating insureds around the risk cybercrime poses to modern business operations. Sticking to a strong backup plan can help protect a business’s bottom line in the event that something goes wrong. Working with an insurance broker capable of providing cyber coverage that meets current needs and anticipates evolving exposures can make all the difference. Contact your local CRC Specialty Producer today to discuss how we can help protect your clients as part of a strong cyber risk management plan.

CONTRIBUTORS

  • Paul Burge is an ExecPro Broker with CRC Group’s Birmingham, Alabama office and a member of the ExecPro Practice Group.

END NOTES

  1. The Cybercrime Challenge for Agents, Insurance Journal, July 5, 2021. https://www.insurancejournal.com/magazines/mag-features/2021/07/05/621110.htm
  2. Check Point Research Reports Highest Increase of Global Cyber Attacks seen in last two years – a 30% Increase in Q2 2024 Global Cyber Attacks, Check Point, July 16, 2024. https://blog.checkpoint.com/2023/01/05/38-increase-in-2022-global-cyberattacks/#:~:text=Global%20cyb
  3. Why Data Backup is Important for Your Business, Rewind, December 30, 2021. https://rewind.com/blog/data-backup-important-for-business/
  4. 5 Biggest Data Backup Mistakes -- and How to Avoid Them, TechTarget, May 7, 2019. https://www.techtarget.com/searchdatabackup/tip/5-biggest-data-backup-mistakes-and-how-to-avoid-them
  5. What Are the 3 Types of Backup, ioSafe. https://iosafe.com/data-protection-topics/3-types-of-backup/
  6. Small Business Ransomware: What You Need to Know, Veeam, January 24, 2024. https://www.veeam.com/blog/small-business-ransomware.html
  7. 95% of Data Breaches Tied to Human Error in 2024, Infosecurity Magazine, March 11, 2025. https://www.infosecurity-magazine.com/news/data-breaches-human-error/

Cyber Cybersecurity ExecPro Professional

Gain the latest
announcements,
news + insights.

© 2025 CRC Insurance Services, LLC, CRC of California Insurance Services, CA LIC No. 0778135. No claim to any government works or material copyrighted by third parties. Nothing on this website constitutes an offer, inducement, or contract of insurance. Financial strength and size ratings can change and should be reevaluated before coverage is bound. This material is intended for licensed insurance agency use only. This is not intended for business owner or insured use. If you are not a licensed agent please disregard this communication, CRC supports a diverse workforce and is an Equal Opportunity Employer who does not discriminate against individuals based on their race, gender, color, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Drug Free Workplace.

Privacy Statement