With the internet fast becoming a ubiquitous part of most businesses, the need for proper protection in this area is only going to increase going forward. Fortunately, cyber insurance policies can be easily added on to your existing business coverage, but they’re far from a one-size-fits-all solution.
Who Needs It?
At this point, just about any business with a website needs some level of cyber insurance coverage. That’s true even if the only users of your network are your employees, as you likely store plenty of their personal information in your company’s computer systems, and you have a legal obligation to protect that information.
If you conduct transactions and accept payments online, you absolutely need to be covered by a cyber insurance policy, and you also need to make sure you have the level and type of coverage that’s appropriate to your situation.
What’s Covered?
Cyber insurance policies can vary dramatically in what they cover and what they exclude. Unlike many common types of business insurance that cover a relatively standard set of circumstances, cyber insurance is anything but standard, and so you’ll have to read any policy very carefully before agreeing to it.
There are essentially two types of cyber insurance coverages you can get. One covers first-party risks, which includes loss or damage of your company’s own data. Third-party risks, on the other hand, apply to situations in which you are liable for the loss or damage to sensitive information belonging to clients, vendors, or the government.
Depending on your situation, you may need one or both of these coverages. But you still have to make sure you understand when the policy will activate and what exclusions apply. Commonly not covered are things like lost unencrypted data, breach notification services, identity monitoring, data transmitted to and then lost by third parties, and data restoration services. You may also find your coverage voided if you, intentionally or unintentionally, violate your own privacy policy as well.
How Much Does it Cost?
Because this type of coverage is so new, the marketplace is prone to somewhat dramatic fluctuations. That makes it especially important to get multiple quotes from different insurers before you settle on one. It also means that there’s generally more room for negotiation in rates for cyber insurance as opposed to those for other types of business insurance, which is something to keep in mind as you proceed.
Another element that will impact the rate you ultimately pay is the quality of your cyber security system. Just because you have insurance coverage doesn’t mean a breach can’t occur, and the best way to keep your business protected is to have proper anti-malware and anti-virus software installed, as well as firewalls and other sensible security precautions. Employees need to be trained on the importance of protecting digital information, including what’s stored on their personal devices, and access to your computer systems needs to be appropriately restricted.
Third-party Impact
If you participate in the exchange of data with any type of third party, you need to be aware of the risks, as well as what you may be liable for. For instance, if you share data with a vendor, and that vendor does not have cyber insurance, you may be liable in the event of a breach. Ensuring that anyone you share data with is properly protected and insured is the only way to fully protect yourself.
Repair vs. Reinforcement
When a breach does occur, your cyber insurance policy will likely pay for repairs, whatever that involves. It will not, however, typically pay for reinforcement of your system to prevent something similar from happening in the future. While you may not want to take on this extra cost yourself, it’s better to protect yourself from data loss ahead of time than pick up the pieces afterwards.
Another thing to keep in mind is that, even though you may repair the breach, the damage is not only to your computer systems. Any time you lose anyone’s sensitive information, your brand will take a hit as well, and unless you can show that you’ve dramatically improved your security, customers and other third-parties may be hesitant to trust you with their data again.
That’s all the more reason to work on improving your security before a problem presents itself, on top of having comprehensive cyber insurance coverage in place. If you’d like to learn more about what you can do to protect your data and what types of insurance policies we offer, contact our offices today.
