Does My Business Need Cyber Insurance?
The advancement in technology has been one of the greatest growth engines for most businesses across the world. Now businesses have the ability to automate operations, have websites to market their company, conduct business across the world and be paid faster and easier than ever before. With all of the great things technology has allowed it has not come without risk. That risk is now considered cyber liability. According to IBM the average breach cost $1,000,000+. Sixty-two percent of all attacks worldwide are targeted at medium and small businesses.
What is cyber liability?
Cyber liability is the risk posed by conducting business over the Internet, over other networks or using electronic storage technology. The insurance coverage associated with cyber liability has many different names. You may have heard it referred to as Cyber Liability, Internet Liability, Electronic Media Liability, and Network Security & Information Liability insurance, just to name a few. Insurance coverage for this exposure can be purchased and “risk based” security strategies can be used to mitigate against both the first- and third-party risks caused by cyber liability. This coverage transfers risks that businesses face from a data breach, cyber-attack or a systems failure (ransom) event.
Cyber insurance coverage will also take care of privacy liability concerns if stored personal information is stolen through a breach or stolen laptop as well as any information that is stolen through paper files.
What does it cover?
There are three types of information hackers are trying to obtain:
PII: Personally Identifiable Information, e.g., social security and driver’s license numbers, bank account information, online account user names and passwords, medical and health insurance information.
PHI: Protected Health Information, which is information relating to the provision and payment of health care that can be used to identify an individual.
PCI: Payment Card Information, including debit and credit cards.
Cyber coverage is designed to cover loss and liability that your business faces in everyday technology use. Examples of coverages are below:
First Party Coverages: Third Party Coverages:
Ransomware Indemnifying companies losses to others
Data destruction Failure to safeguard data
Extortion Regulatory fines and penalties
Theft Multimedia wrongful acts (Defamation)
Denial of service attacks
Post incident response credit monitoring
Extra expenses to help you operate as you were before the incident
Exposures with no coverage
There are limitations to all policies and with cyber the biggest exposure that has no coverage is intellectual property such as patents and trade secrets. There is also some exposure for future income that may be lost. Most coverage does have an exclusion for bodily injury and property damage but there are endorsements that can add these coverages for little cost.
Who needs coverage?
The industries that have most adopted cyber insurance is healthcare, technology and banking. Right behind these industries are governments, schools and manufacturers. It is important for all businesses to be protected and have a plan in place for the times a breach may occur. An experienced broker with experienced claims knowledge is of the highest value when considering the right coverages and limits for protecting your balance sheet.
Landon Lucas CLCS