The negative impacts of a cyberattack on your business are many, and few insurance policies cover all the risks. If your company falls prey to a cyberattack, you risk the potential loss of profits, intellectual property value, and much more!
What is Cyber Insurance?
Every day, companies worldwide face cyberattacks in the form of ransomware, phishing scams, embedded malware, and social engineering attacks. And each day, the scammers are getting more sophisticated. There’s a lot of business risk in the cyber world; thankfully, someone can insure that risk.
Cyber Risk Insurance, sometimes called cyber security insurance, is a business liability insurance covering cyber security risks and data breaches. But if you think my general liability insurance already covers me, you’d be incorrect.
Cyber Security Insurance is an extra layer of protection that strengthens your general liability insurance. The two should work together to help your business stay safe. Many leaders find that cyber insurance policies hold value when combined with general liability insurance and employee training.
Why Is Cyber Insurance Important?
If you’re still on the fence, check out these two stats that hammer it home:
- 85% of data breach insurance claims come from small to medium-sized businesses
- 60% of those companies never recover!
For some companies, purchasing Cyber Insurance policies may boil down to price. Policies may seem expensive. However, the cost related to a crisis can well exceed six figures. You can understand why 60% of small to mid-sized businesses never recover from a cyber incident when you read that stat.
Something else to consider is the impact COVID-19 had on the workforce. Due to COVID-19, much of the workforce went remote, and some have yet to return to a physical office. With all these employees at home, a company’s computer systems become more vulnerable to attack, and hackers will take advantage of this vulnerability.
Three Questions You Can Ask to Determine if You Need Cyber Insurance
Answering the following three questions will help you to determine better if a Cyber Insurance policy is right for your business.
- Does my business collect, store, or receive Personal Identifiable Information (PII) or Personal Health Information (PHI)?
- Does my business work in healthcare, education, finance, or any other industry that has rules in place regarding customer information?
- What would my business do if we faced a cyberattack today?
Types of Cyber Insurance Coverage
Now that you’ve decided your company needs Cyber Insurance, you must decide on the coverage. Coverage is typically broken down into two categories: Cyber Liability and Data Breach Coverage.
Cyber Liability is often recommended for larger companies and is a standalone policy designed to cover first and third-party insurance coverage. Cyber Liability may cover legal services, lost income, lawsuits, and regulatory fines associated with a cyber incident.
Data Breach Coverage is often recommended for smaller businesses and is a first-party coverage. Data Breach Coverage helps respond to PII or PHI breaches from hackers or an employee accidentally leaving their laptop at a coffee shop.
What is Not Covered by Cyber Insurance?
Cyber Insurance policies are not a one-size fit solution. Each policy should be custom to address your business’s unique needs. Some insurers may hold back or may not cover the following:
- Potential loss of future profits – it is not always easy to directly link to a data breach
- Loss of intellectual property value – many insurers exclude coverage on financial loss due to IP loss
- Costs to enhance cybersecurity – these costs are typically not covered and are the responsibility of the company
- Socially engineered financial fraud – even if a scam duped an employee, if they provided funds, these funds are often not covered
- Nation-state attacks – many insurers include a clause denying coverage if an attack is declared an act of war
With any legal document or insurance policy, you will want to understand your rights and responsibilities completely. Make sure you read the fine print.
How ONE 2 ONE Can Help!
When you’re weighing the options on Cyber Insurance Companies, it’s important to remember that Cyber Insurance is not a substitute for a culture built on solid cybersecurity foundations.
Before you decide to spend money on Cyber Insurance, make sure your employees are well-trained. Remember, a robust cybersecurity environment includes both insurance and employee training.
Learn where your company stands on employee preparedness and cybersecurity by taking a 15-Minute Business Assessment!