Every year the number of cyberattacks businesses face AND the expense of a cyberattack increases. The average cost of a data breach, according to IBM, is $4.35 million USD. A cyberattack and any data breaches that come with it can cause a business of any size to go under. Cyber liability insurance, also referred to as cyber insurance, is marketed as helping prevent that drastic outcome. But is cyber liability insurance REALLY worth the expense?
Cyber liability insurance is absolutely worth the cost. While the dollar amount cyber insurance can save varies by policy, it commonly covers things like legal expenses, fines/penalties, IT forensics, notification of customers, or credit protection.
Still on the fence about shelling out the cash for cyber liability insurance? Keep reading! We’ll dive deeper into its benefits and coverage, which businesses need it the most, and the risks of going without.
Cyber Insurance, Explained
What You Risk If You Skip It
The short version of this section is that you risk losing your business altogether if you forgo cyber insurance. The long version is that there are a lot of expenses and efforts in the aftermath of a cyber attack that you will be liable for. Cyber insurance coverage can help your business fulfill those liabilities without going under.
Liability Insurance Isn’t Enough
You may already have purchased a hefty liability insurance policy for your business, but that coverage typically only extends to the cost of injury and property damage claims against your business.
Cyber attacks are their own unique disaster and most liability insurance policies offer no coverage for their aftermath. However, the company you purchased your liability policy through likely offers cyber coverage as well, and you may be able to bundle those purchases to save a little money. Give your insurance agent a call today!
Lack Of Assistance Paying Regulatory Fines and Penalties
Part of the destruction that a cyber attack leaves in its wake are regulatory or privacy law fines and penalties. In this day and age, there are many agencies monitoring and regulating the storage and transmission of sensitive information across many kinds of industries, so you’re likely to incur a few penalties after an attack.
How much do you have set aside in your business savings account? Is it enough to cover a fine of $50-$50,000 per record, with a cap of $1.5 million per year? Because that’s how much HIPAA violations due to cyberattacks cost. And that’s just one common regulatory body.
No External Crisis Support or Management
How confident are you in your business’ cybersecurity plan, right this second? What about your incident response plan in the event of an attack? Do you even have one?
Some cyber insurance policies provide varying degrees of recommendations, assistance, or guidance in developing an incident response plan. They often also help keep you on track while you’re in the midst of the crisis, so you don’t have to navigate it alone.
You’ll Be On the Hook For Legal Expenses, Too
If your business experiences a cyber attack, a key component of your incident response plan should be to contact your lawyer. They’ll help you ensure that you meet all regulatory requirements for your state and locality and help you navigate any court proceedings that could arise as a result of the attack.
If damages are ordered to be paid to the victims of the attack on your company, employees or customers, your cyber liability insurance coverage will help with that too.
Rebuilding and Restoring Your Network Ain’t Cheap
Once the dust has settled and the cyber attack is over, your work has just begun. You must rebuild and restore your network to function better and more securely than before the attack. As you can imagine, the labor and devices associated with this reconstruction are incredibly expensive. Cyber insurance can mitigate some of those expenses for you.
Who Needs This Coverage The Most
We recommend that EVERY business, no matter its size, that uses computers, smartphones, and/or the internet in any capacity invest in the protection of cyber liability insurance. The reality is that most businesses cannot survive the expense, stress, and labor associated with going through a cyberattack and data breach.
With that being said, we know that the expense of cyber insurance is significant. So, we’re going to highlight the circumstances in which we especially recommend that coverage – and tell you why.
If You Have E-Commerce Sites or Take Any Online Payments
Ransomware isn’t just used to withhold data. It can be used to hold your online shop hostage as well. Other types of malware can break your website or internal network so badly that it can take weeks or even months to fix.
Whether you have an online storefront or accept electronic payments, any outage caused by a cyber attack can directly impact your bottom line. Add the expense of repair, fees/penalties, and damages, and you can end up in the red in a flash.
If You Store Or Send Any Personal Information Electronically
Cybercriminals specifically target smaller businesses that handle personal data because they can get valuable information from them with much less effort than they can from an enterprise. So if you’re in personal data heavy industries like healthcare or financial services, you’ve got a bullseye on your back.
Cyber liability insurance can help you prepare for and weather inevitable cyberattacks if you’re in a personal data focused industry. It could be the difference between closing your doors for a week or for good.
If You Communicate With Customers Online/ via Voice Over Internet Protocol
These communications and the vulnerabilities they introduce make your business more susceptible to a devastating cyberattack. Cyber insurance will help you secure your business with funding for regular audits, and cover expenses if something (someone) slips through your radar.
If You Accept In-Store Credit Card Transactions
Financial details are some of the most valuable data to a hacker. That means that, no matter how small your business or how rurally you are located, your transactions will be ripe targets for a cyberattack. In order to prevent extreme losses, you should invest in coverage.
If You Would Experience Harm From Ransomware or Interrupted Services
Every minute your website or services are down affects your bottom line. On top of the lost revenue due to a cyber attack, you will likely also face a number of the expenses we talked about earlier in this article. Cyber liability insurance coverage can help you cover those expenses so the losses don’t destroy your business.
Coverage and Benefits of Cyber Liability Insurance
Most insurance companies allow you to choose or bundle your coverage, and each company has different offerings. The below options are the most common, but you’ll need to talk to your insurance company of choice to confirm what is available to you.
A tedious part of experiencing a data breach is the notification of the affected parties. These can be your customers, employees, bank, third party vendors, or government agencies if you are legally required to report to them. Cyber insurance can provide assistance with this notification process, which helps ease your burden as a business owner in such a difficult time.
Ransomware is a particularly nasty type of cyberattack small businesses face. Hackers take your data hostage via encryption, and refuse to give you the key unless you pay a hefty ransom, which you may or may not be able to cover. A cyber insurance policy can help you pay these types of costs or recover funds spent to get data back.
Fines, Penalties, and Damages
Otherwise known as third-party indemnification, cyber insurance can assist you in paying the victims of your cyberattack. Additionally, cyber liability insurance can pay any fines or penalties placed on you by law enforcement or regulatory agencies due to a cyberattack and data breach.
Remediation (Legal Expenses)
This component of cyber coverage addresses one of the many expenses that arise when dealing with a cyberattack: legal fees. This aspect of the insurance policy assists you in responding to threats as well as recovering lost funds or reputation.
Security Audit Costs
As a preventative measure, some cyber liability insurance covers network security audits. Think of a network security audit as your regular checkup with your doctor. A cybersecurity professional reviews your security measures and systems thoroughly, searching for vulnerabilities. Then they report back to you with recommendations for patches and upgrades.
An unexpectedly difficult part of experiencing a cyberattack is the necessity of quarantining infected devices or servers to contain the spread of malware across your network. Cyber insurance often provides assistance executing the difficult and expensive task of isolating these devices from the internet or your internal network.
A common ask of companies who face a data breach is that they offer credit monitoring or protection to their affected customers and/or employees. As you can imagine, the expense of this offering can quickly add up, especially if you have a large customer base whose data is compromised. Cyber liability insurance can cover some or all of that expense.
Recapping Cyber Insurance
The bottom line here is that you simply can’t afford to do business in 2022 if you can’t afford to cover your business with cyber liability insurance. It should be as high a priority as plain old liability insurance.
If you skimp on cyber insurance you may not regret it right away, but you will regret it eventually. Because cyberattacks are no longer an if, they’re a when. If you have further questions about cyber liability insurance or the impact of a data breach, contact us. We’d be happy to delve deeper.