Do I need cyber & data breach liability insurance?

Posted by Matt Simon on Sep 24, 2015

Many questions in the insurance industry are hugely complicated. Fortunately, this not one of them.  The answer is quite simple:  if you’re a business, you need Cyber Liability Insurance.

Sure, cyber liability coverage is a no-brainer if you maintain a strong online presence or handle a customer’s private information. But with the plethora of risks that can constitute a breach, no type of business, regardless of industry or size, is immune.

One of the biggest stories of the 2013 holiday shopping season had nothing to do with the hottest toys or the increased reliance on online shopping.

Do you remember what it was?

Hackers infiltrated Target’s point-of-sale system in December and gained access to the credit and debit card information of 40 million customers, and the personal information of 70 million more.

Luckily, the Minnesota based chain has over $100 million of Cyber Liability Insurance, according to sources.

High-profile cyber attacks on companies such as Target have raised awareness of the growing threat of cyber crime. Recent surveys conducted by the Small Business Authority, Symantec, and the National Cybersecurity Alliance, suggest that many small business owners are still operating under a false sense of cyber security.

The statistics of these studies are grim: the vast majority of U.S. small businesses lack a formal Internet security policy for employees, and only about half have even rudimentary cybersecurity measures in place.

Furthermore, only about a quarter of small business owners have had an outside party test their computer systems to ensure they’re hacker proof, and nearly 40% do not have their data backed up in more than one location.

Don’t Equate Small with Safe

Despite significant cybersecurity exposures, 85% of small business owners believe their company is safe from hackers, viruses, malware or a data breach.

This disconnect is largely due to the widespread, albeit mistaken, belief that small businesses are unlikely targets for cyberattacks. In reality, data thieves are simply looking for the path of least resistance.

Symantec’s study found that 40% of attacks are against organizations with fewer than 500 employees.

Outside sources like hackers aren’t the only way your company can be attacked — often, smaller companies have a family-like atmosphere and put too much trust in their employees. This can lead to complacency, which is exactly what a disgruntled or recently fired employee needs to execute an attack on the business.

Attacks Could Destroy Your Business

As large companies continue to get serious about data security, small businesses are becoming increasingly attractive targets — and the results are often devastating for small business owners.

According to Symantec, the average annual cost of cyberattacks to small and medium-sized businesses was nearly $200,000 in 2010. Most small businesses don’t have that kind of money just sitting around, and as a result, nearly 60% of the small businesses victimized by a cyber attack close permanently within six months of the attack. Many of these businesses put off making necessary improvements to their cyber security protocols until it was too late because they feared the costs would be prohibitive.

Curious about what you can do to prevent Cyber Crime?

ohio-cyber-crime-prevention

Why Cyber Liability Insurance?

As technology becomes increasingly important for successful business operations, the value of a strong Cyber Liability Insurance policy will only continue to grow.

The continued rise in the amount of information stored and transferred electronically has resulted in a remarkable increase in the potential exposures facing businesses. In an age where a stolen laptop or hacked account can instantly compromise the personal data of thousands of customers, or an ill-advised post on a social media site can be read by hundreds in a matter of minutes, protecting yourself from cyber liability is just as important as some of the more traditional exposures businesses account for in their General Commercial Liability policies.

A traditional business liability policy is extremely unlikely to protect against most cyber exposures. Standard commercial policies are written to insure against injury or physical loss and will do little, if anything, to shield you from electronic damages and the associated costs they you may incur.

Cyber exposures are vast, ranging from the content you put on your website to stored customer data, processing credit card payments to something as simple as having an email address. Awareness of the potential cyber liabilities your company faces is essential to managing your risk through proper coverage.

Possible exposures covered by a typical cyber liability policy may include:

1. Data breaches

Increased government regulations have placed more responsibility on companies to protect clients’ personal information.

In the event of a breach, notification of the affected parties is now required by law. This will add to costs that will also include security fixes, identity theft protection for the affected, and protection from possible legal action.

While companies operating online are at a heightened risk, even companies that don’t transmit personal data over the internet, but still store it in electronic or hard-copy form, could be susceptible to breaches through data lost to unauthorized employee access or hardware theft.

2. Intellectual property rights

Your company’s online presence, whether it be through a corporate website, blogs or social media, opens you up to some of the same exposures faced by publishers. This can include libel, copyright or trademark infringement and defamation, among other things.

3. Damages to a third-party system

If an email sent from your server has a virus that crashes the system of a customer, or the software your company distributes fails, resulting in a loss for a third-party, you could be held liable for the damages.

4. System failure

A natural disaster, malicious activity or fire could all cause physical damages that result in data or code loss. While the physical damages to your system hardware could be covered under your existing business property or electronic data processing policy, data or code loss due to the incident would not be covered.

5. Cyber extortion

Hackers can hijack websites, networks and stored data, denying access to you or your customers. They often demand money to restore your systems to working order. This can cause a temporary loss of revenue plus generate costs associated with paying the hacker’s demands or rebuilding if damage is done.

6. Business interruption

If your primary business operations require the use of computer systems, a disaster that cripples your ability to transmit data could cause you, or a third-party that depends on your services, to lose potential revenue.

From a server failure to a data breach, such an incident can affect your day-to-day operations. Time and resources that normally would have gone elsewhere will need to be directed towards the problem, which could result in further losses. This is especially important as denial of service attacks by hackers have been on the rise. Such attacks block access to certain websites by either rerouting traffic to a different site or overloading an organizations server.

Cyber Liability Insurance is specifically designed to address the risks that come with using modern technology; risks that other types of business liability coverage simply won’t.

The level of coverage your business needs is based on your individual operations and can vary depending on your range of exposure. It’s important to work with an Insurance Advisor that can identify your areas of risk, help you mitigate your chances of a breach, and design a policy that’s tailored to fit your unique situation.

Conclusion

As reliance on technology constantly grows, new exposures continue to emerge. As your business expands, make sure your Cyber Liability coverage grows with it.

You likely already have General Liability Insurance to protect your business in the event you injure someone, or damage their property.  And if you own or lease the space where your business is located, you should have Commercial Property coverage in case your building or its contents are damaged.  If you provide specialized advice to your clients such as an attorney, real estate agent or consultant, you probably have a Professional Liability or Errors & Omissions policy.

Here’s the reality check: given today’s technology and the risks your business faces, there’s a better than average chance that you’re far more likely to experience a cyber attack or data breach, than you are to suffer a loss that’s covered by any of the other insurance policies you already have in place.  And if you fall into the statistical majority of small business owners, you don’t have Cyber Liability Insurance.

If you’d like additional information and resources, we’re here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk.  You can download a free copy of our eBook, or if you’re ready make Cyber Liability Insurance a part of your insurance portfolio, Request a Proposal and we’ll get to work for you.

Cyber & Data Liability Insurance eBook

Category: Cyber Liability Insurance (1)