Cyber insurance may sound like something out of a sci-fi movie, but in reality, it’s one of the most important types of insurance a business owner can have today. And the more we rely on technology for our most important transactions, the more critical cyber insurance will become. In fact, security.org predicts that cyber insurance will grow into a $20 billion industry by 2025.
Cyber insurance protects your business should there be a data breach that compromises your customer’s personal information including credit card numbers, driver’s license numbers, health records, social security numbers and addresses. Additionally, it can cover you in the event that a customer files a lawsuit against your company after a breach.
Who needs cyber insurance?
It doesn’t matter if you operate a small yoga studio or own a large, regional legal firm - if you own a business that stores your customer’s sensitive and personal information, you should consider purchasing cyber insurance if you haven’t already. Not only can a security breach tarnish the reputation of your company, but it can be costly to repair the damages.
In 2022, about 56% of cyber insurance claims were from smaller businesses. However, if you have a large customer base, it’s critical that you have cyber insurance. It’s required by law to notify all your customers in the event of a security breach, and that can get costly for large companies. With cyber insurance, however, the costs are covered. Additionally, if you have a business with high revenue or digital assets, you can protect it with cyber insurance.
What does cyber insurance cover specifically?
Typically, cyber insurance is offered as either first party or liability coverage. Most first party coverage plans include investigating the breach incident, ransomware attack payments, and lost revenue if your business was interrupted. These policies will also help notify customers of a cyber-attack and for risk assessment of cyber events in the future.
Liability (or third party) coverage protects you if you’re sued by a customer for damages after a cyber-attack. These plans cover attorney and court fees and regulatory fines as well as settlements.
If you own a technology company that either provides tech services or makes a tech product, you should consider an errors and omissions policy that covers you in the event your product is faulty and somehow compromises customer data via use of the program. If you host a website that is hacked, you could be liable if customer information stored on the website is used.
What doesn’t cyber insurance include?
While most cyber insurance plans are very comprehensive, they won’t cover everything. You may want to talk to your insurance provider if you need additional coverage for property damage (from hardware damage during the attack for example), or for intellectual property damage.
Additionally, cyber insurance policies will not cover self-inflicted cyber incidents that happen within your business. An exception would be if an employee committed the cybercrime – then a commercial crime insurance policy could offer protection. Also, cyber insurance won’t cover costs for any preventive measures you take to protect your business from future cyber-attacks.
How do I get cyber insurance?
Many insurance carriers offer cyber insurance as an add-on to business owners’ policies. However, you might need more or a different type of cyber insurance policy based on your needs. We recommend talking to an experienced agent at Roehr who can help you choose the right plan, at the best price.