Even as the frequency of cyber-attacks continues to rise, it is really the big data breaches that claim the headlines, leaving small business owners feeling like they are an unlikely target of cyber-attack. Yet, the truth is that 58% of malware attack victims are categorized as small businesses, and the frequency of those attacks to small businesses continues to rise.
The rule of thumb used to be if a business collected and/or stored customer data, they were at risk. But recent attacks (Target, for example) have proven that small businesses may be a target merely because of their relationship with larger organizations. If your business experiences a cyber-attack or an accidental data breach it could prove to be extremely costly, with the potential to cause a closure or bankruptcy of your business.
Beware the one-size-fits-all approach.
The amount and type of cyber coverage for one business could be either inadequate or too much for another. Determining the right amount and categories of coverages is best done with the guidance of an experienced insurance agent with access to a variety of cyber insurance products.
Determining how much cyber insurance to buy should be based on an estimate of the potential losses, the likelihood that the event will occur, and how much data your business holds in its files.
What's covered in a cyber policy can be as important as how much.
Cyber insurance is a relative newcomer to the field of corporate general liability coverage. Because it is a newer product, forms and coverages have not yet been standardized. That lack of standardization can be confusing for a small business owner comparing two or more different cyber insurance packages.
Here are some coverages to discuss with your insurance agent:
Security and privacy liability (also known as “Cyber Liability”) is the true liability coverage that pays liability losses from claims made against the insured by various parties for losses from a failure to hinder or prevent unauthorized access to a computer network, failure to prevent physical theft, or loss of their private information.
Privacy notification and crisis management expense coverage helps with the immediate response costs associated with a data breach. This may include hiring a forensic expert to determine the cause of the breach, notifying affected individuals, and offering credit monitoring services to these individuals.
Cyber extortion covers the costs associated with a cyber extortion event and can include paying a ransom demand, hiring a computer security expert, and expenses to hire professionals to negotiate with the cyber criminals.
Regulatory penalty cost coverage pays fines and penalties, and the cost of dealing with state and federal regulatory agencies, in the event of a data breach.
Getting to ‘just right for you’ cyber coverage and pricing.
An independent agent experienced in business insurance coverages, including cyber liability insurance, should be able to identify what your business does and doesn’t need, and use that information to build a customized policy.
While cyber insurance may seem confusing, it is vitally important in protecting your business, and it’s better to prepare for the worst in this case. Contact your local SIAA member agency today to find out more on which cyber insurance plan is best for you.
The information on this site is general in nature. Any description of coverage is necessarily simplified. Whether a particular loss is covered depends on the specific facts and the provisions, exclusions and limits of the actual policy. Nothing on this site alters the terms or conditions of any policies, nor does it provide any guarantees. You should read your specific policy for a complete description of coverage.