You have secured your data through a Virtual Private Network (VPN), security software, and strong passwords. Your personal and company information is safe, right? In other words, there is no need for Cyber Insurance.
Really? In today’s world, technology is changing so rapidly that the protection you have instituted today may not be up-to-date tomorrow. Plus, you have protected your data from outside attacks, but what if an employee plants a bug directly into your server?
Would you be financially able to cover the cost of lawsuits regarding the data breach? Probably not when you consider all the associated expenses such as recovering the data, notifying customers of the breach, business interruption, and lots more. Cyber Insurance is designed to help with these and other costs.
What is cyber insurance? According to pcmag.com, “the core idea behind cyber insurance is to help you recover from a data breach or identity theft by mitigating all the costs that crop up in the aftermath.”
Research shows the average data breach costs about $250 per record lost. Even a small business can experience thousands of dollars in expenses at that rate.
Types of Cyber Insurance
There are two types of cyber insurance: first-party and third-party liability.
The damage done directly to your business is the first-party liability type. This includes data replacement, scrubbing and replacing equipment, income/revenue loss, hiring an investigative expert, crisis management, and public relations damage control.
As if it were not bad enough to be exposed to all these costs, your client may sue you for failing to prevent the data breach. Third-party liability includes attorney’s fees, litigation and court costs, judgments if your company is found liable, and even out-of-court fees.
Cyber Insurance Checklist
Obviously, you will want to purchase the plan that is most appropriate for your organization’s needs. The checklist provided by coverlink.com should help you decide what you can protect with a cyber insurance plan. Some of the items to consider are:
- Data Breach – this is when your sensitive, confidential, or private data is viewed or stolen. You’ll want to have this in your policy to help prevent major loss to your business from third-party losses.
- Network Security Coverage – this applies to losses directly felt by your network security, including breaches, data restoration, theft or tampering, and business interruptions.
- Business Interruptions – the loss of income a business may suffer after a cyberattack should be included in your policy.
- Forensics – this will cover the costs of the investigation into how, why, when, and where a cyberattack occurred.
The complete list is contained here.
How Much Cyber Insurance Do You Need?
At the previously mentioned figure of $250 per record, it is easy to see how quickly your business and/or your client’s business expenses can add up. That means you must evaluate the business risk for all parties that could be involved in a breach to determine the amount of cyber insurance needed.
On average, most small companies purchase a cyber liability insurance policy with a $1 million per occurrence limit, a $1 million aggregate limit, and a $1,000 deductible. However, remember your risk evaluation and taper the plan to that amount. Cyber liability policies have limits that range from $1 million to $5 million or more.
Many factors are included in pricing the cyber insurance plan most suitable for your business. TechInsurance estimates a policy’s cost with a $1 million per occurrence limit and a $1 million aggregate limit is somewhere between $145 to $1,745 per month. They state that many small businesses pay less than $1,500 per year for cyber insurance. That is a far cry from hundreds of thousands of dollars in the event your company is breached.
You have insured your company’s buildings, equipment, and vehicles. You may have insured your employees’ lives and/or health. Insuring your company against a cyberattack is no different. It just makes smart business sense.
If you want to know more about protecting your company and its data or any IT needs, please visit our site.