Data breaches, identity theft, and other cyber crimes have steadily increased yearly—affecting all-sized organizations and causing significant losses to businesses and people. Small and large companies are susceptible to getting hacked or getting a virus.
As an organization’s network infrastructure becomes more complex, the risk of a security incident increases. Similarly, as our reliance on internet resources grows, so do the threats associated with cyber crimes and the potential for damage to businesses.
According to a recent blog from Astra, a company that offers a security suite for businesses worldwide, small businesses account for 43% of cyber attacks annually. Still, only 14% of SMBs have a cyber security plan. The article goes on to say that small and medium-sized businesses lose $25,000 on average due to cyber attacks.
While many small business owners are aware of cyber insurance, many have not taken the time to consult with an insurance company to look into costs and coverages—making them more vulnerable to the consequences of an attack.
In the event of a damaging cyber attack, a paid-out insurance claim can mean the difference between survival and bankruptcy for a business.
In this blog, we’ll discuss what cyber insurance is, what a cyber policy covers, the type of businesses that need it, the cost of cyber coverage, and more.
What is cyber insurance?
Cyber insurance is business insurance specifically designed to protect an organization against claims from ransomware, a rogue employee, a staff mistake, a phishing attack, theft of hardware, a lost or stolen laptop or device, and other events.
More specifically, this type of insurance generally covers a business’ liability in the case of a data breach involving sensitive customer information, such as Social Security numbers, credit card numbers, account numbers, driver’s license numbers, and health records.
What does a cyber policy cover?
Cyber policy coverages vary, and some policies cover the costs of cyber extortion, data recovery, business interruption resulting from security breaches and system failures, and e-crimes. A policy may also cover contingent business interruption resulting from incidents at your vendor or supplier locations.
In addition to legal fees and expenses, cyber insurance typically helps offset costs associated with
- financial losses incurred from a cyber attack or data breach
- recovering compromised data
- repairing damaged computer systems
- notifying customers about a data breach
- reinstating the personal identities of affected customers
What type of businesses need cyber insurance?
Regardless of size, almost any business can be at risk for cybercrime. But, certain companies need cybersecurity insurance more than others, such as:
- Businesses that store important data online or on computers
- Businesses with a large customer base
- Businesses with high revenue or valuable digital assets
You may also want to consider cyber insurance if your business supports electronic transactions, customers are asking if you have cyber liability coverage, or if a ransomware demand would threaten the viability of your business.
How much does it cost?
Premiums vary from company to company based on the type of business and the level of exposure to cyber risks. A recent study by AdvisorSmith Solution Inc. found that the average cyber insurance cost in 2019 was $1,500 per year for $1 million coverage, with a $10,000 deductible.
Additional factors that may influence the cost include company size and industry, amount and sensitivity of data, annual revenue, software security measures, and policy terms.
How much coverage does my business need?
$1 million in coverage is pretty standard for small businesses. But, some small businesses with higher risk profiles may be advised to purchase $2 million or more in coverage.
Where can I get cyber insurance?
Many insurance agencies now offer cyber insurance along with traditional business insurance policies. You can also obtain quotes from most major insurance providers, such as Geico, Progressive, and Nationwide, to name a few.
However, it is essential to know that not all cyber insurance policies are equal, and various factors must be considered when selecting a policy. Therefore, you should talk to a broker specializing in cyber liability insurance.
You may also want to check with your managed service provider (MSP) for a referral. They should be able to connect you with a broker that provides coverage to both managed service providers and their customers—which can translate into discounted insurance premiums.
How do I apply for cyber insurance?
Every insurance policy starts with an application; cyber insurance is no exception. Unfortunately, the application process can be daunting for businesses, and we recommend that you enlist the help of your broker and IT team.
The insurer will first want to know if your business has basic security measures, such as data encryption, firewall technology, intrusion detection software, anti-virus software, and other cybersecurity protection software.
The good news is that enrolling your business in an MSP’s cybersecurity protection program will make the insurance application process move along more quickly and easily.
In closing
We hope this article has provided you with what you need to know about business cyber insurance so that you can make the most informed decision for your company.
Your first level of protection against cyber-attacks should be the three T’s
- Technology
- Technical support
- Training
In combination, these three layers will minimize the chances of a cyber breach occurring in the first place.
However, these layers do not provide 100% protection from data loss. Should a breach occur, cyber insurance provides an essential level of financial coverage.