Does My Business Really Need Cyber Coverage?
The global cost of cyber crime has skyrocketed, estimated at $400 billion annually, with 70% of breaches attributable to malware or hacking. Today, the risk of sensitive data getting into the wrong hands is a much bigger and more dangerous risk than ever before. As consumers or business owners, we supply and store so much sensitive data online — much more than we did just 10 years ago. And as large companies invest greater resources in cyber defense strategies, cyber criminals are setting their sights on small and mid-sized businesses. So who is looking out for these business owners?
The statistics underscore this very real threat. In fact, recent studies show that over 43% of cyber breach victims were small or mid-size businesses, and 60% of those businesses are at risk of closing their doors after a major cyber attack.
We’re used to the idea of property insurance — those are tangible, physical assets that we want to protect. But when it comes to non-tangible digital assets (think social security numbers, medical records, credit card information and more), sometimes we don’t fully consider what it takes to store and protect such sensitive content from more frequent cyber attacks.
64% of Americans have an online account involving health, financial, or other sensitive data, according to the Pew Research Center. Cyber security is taken so seriously that the Department of Homeland Security created a National Cybersecurity Awareness Month, taking place in October.
The need to protect your customers’ data is more important than ever before, and more and more businesses are leaning toward a third party to help protect and insure sensitive data. Almost 70% of companies are now transferring risk of cyber exposure to a third party.
Do I really need it for my business, though?
While cyber insurance isn’t the end-all for protection, the simple answer is yes, it’s highly recommended — no matter what line of business you’re in. If you do any sort of financial transactions online and handle or store sensitive customer information in any electronic form, this coverage is a necessity.
So what does cyber liability coverage typically include?
Cyber liability coverage typically covers any financial loss that may occur as the result of data breaches or other events. Most policies include:
First-party coverage: This covers any losses by your company directly. For instance, if your company’s files or data were compromised by a hacker.
- Loss or damage to electronic data via a hacker attack, virus or denial of service attack (even if it was stored on a computer belonging to someone else)
- Outside consultants hired to preserve or reconstruct data are also usually included
- Loss of income or extra expenses incurred to avoid or minimize a shutdown after a computer system failure
- Cyber extortion applies when a hacker breaks into your computer and threatens to commit a negative act. Similar to ransomware, the hacker may demand payment before your content can be released.
- Notification costs are when you have to notify parties affected by the breach — for example, reaching out to your customers, hiring legal counsel, or setting up a call center.
- Reputation damage is covered to help protect your company’s reputation following a breach, and any costs associated with that.
I have cyber coverage. That’s enough, right?
In a word, no. While cyber liability coverage is a wonderful added layer of protection, it is not a replacement for good, common sense digital security measures. It’s still important to take proactive measures to ensure proper security policies are in place and that whatever software you use is always up-to-date. Most insurance companies are not going to pay out if you, as a company, do not provide adequate care to protect your own data networks first.
Ready to add cyber liability coverage to your BOP (Business Owner Policy)?
CIG is excited to announce that we now offer Cyber Liability Coverage for BOP. Contact your local independent agent to find out more and stay better protected from potential cyber losses.