Cyber Insurance: What it is and Why You Need it
At the onset of the COVID-19 pandemic, many companies shifted to having their employees work from home. This seemingly harmless change has exposed many companies to something they previously didn’t worry about as much – cybercrime.
Cybercrime is now more prominent than it ever was before, and recent hacks have cost companies millions of dollars. Although it can be difficult to protect yourself fully against cybercrime, cyber insurance is there to fill the gaps when your defenses fail.
What is Cyber Insurance?
Cyber insurance provides coverage against attacks on your business via the digital world. What may start out as a simple phishing attempt from a suspicious email can end up draining your business accounts, or even get you locked out of proprietary documents and customer information.
Cyber insurance is specifically designed to help you manage these risks. Besides helping cover the costs of damages associated with the hack, many companies also will help with a ransom payment if one is required and will work to ensure a minimal loss of income for your business during the process of resolving an event.
Many business owners don’t realize the full implications of the severity of a cyber-attack and the losses associated which go far beyond bank balances. What may start as a simple DDoS attack could have your servers down for hours. Cyber insurance can help protect against both first party and third party damages from a cyber event.
Why is it Important to Have Cyber Insurance?
There are many ways a cyber attack could affect your business. Besides just the loss of cash, there could also be a negative response from customers if their data is stolen or compromised. Not only are these attacks costly, but they are also becoming more prominent. Some of the most recent information suggests that over 30,000 websites are attacked each and every day and that over 64% of companies worldwide have dealt with a cyber-attack at some point.
Even large companies that appear well protected, are not immune to cyber-attacks. Prime examples include the Target data breach in 2013 which ended up costing the company upwards of $18.5 million, and the Garmin data breach in 2020 which reportedly cost Garmin just over $10 million, even though no customer data was stolen.
Having a cyber insurance policy will ensure your company is given priority in the event it falls victim to a cyber-attack. There are so few experts in this area, the last thing you want is to be put in the back of a queue when your company is facing a major cyber breach. Therefore, no matter what industry your company may be in, investing in risk transfer through the purchase of cyber insurance should be included in your company’s cyber risk management plan.
What Does Cyber Insurance Cover?
Not all cyber insurance policies are alike. Each policy is generally comprised of multiple insuring agreements, and these agreements showcase what your policy will cover.
Before selecting any policy, make sure to review all the insuring agreements so you know exactly what you are covered for. You will also want to review the policy with a trusted advisor to ensure you have adequate and appropriate coverage for your company. Axxima’s advisors have the technical expertise to work with you and ensure your company has the right coverage.
Below are some of the most common coverages that you will want to consider when setting up a cyber insurance policy.
Security and Privacy Liability
A policy with a security and privacy liability agreement will cover you if a customer files a claim against your company indicating you did not provide proper security or adhere to privacy laws in regard to their information.
Network Interruption and Recovery
In the event of a data breach or hack, it is likely your website will be down for a period of time. Network interruption and recovery is there to cover costs associated with the downtime of your website as well as the restarting of your network.
Multimedia and Intellectual Property Liability
Multimedia and intellectual property liability helps to pad your cyber risk management plan by protecting your company against defamation by a third party. It can also help you to fight incidents of plagiarism or the infringement of a copyright your company holds.
Event Support Expenses
Following a data breach or hack, your business will incur many costs associated with the event. These costs can be quite large, especially in instances like the Target hack, where the company was required to pay for customer credit monitoring services following the breach.
When event expenses are covered in your cyber policy, you won’t have to worry about trying to cover these costs out of pocket.
Privacy Regulatory Defense and Penalties
Whenever a company experiences a data or privacy breach, civil action from the government is likely to follow. Privacy regulatory defense and penalties coverage can help cover these expenses, including civil awards.
Network extortion coverage is part of the risk management plan against ransomware attacks. Having this coverage in your policy ensures your company will be covered if it needs to come up with a ransom for a hacker. The insurer will even help you procure the monies if it involves a complicated process such as acquiring Bitcoin.
Network extortion coverage is one of the key coverages your cyber policy should contain as losses in this area can be significant. If you have any questions about whether or not your network extortion coverage is sufficient for your company, reach out to Droits d'auteur for advice.
Electronic Theft, Computer Fraud, and Telecommunications Fraud
One of the major reasons hackers work to steal data is for the purpose of accessing your online accounts. Once they have this information, they may steal money, or use your accounts to commit fraud. Coverage for electronic theft, computer fraud, and telecommunications fraud has your company covered if this happens.
Social Engineering Fraud
Social engineering is a common fraud where an individual misleads an employee asking for money or information. Scams like this can be some of the hardest to spot, and can result in a large loss of funds if your employee or officer makes a monetary transfer or gives out proprietary information. Coverage for social engineering fraud is becoming more and more critical as many companies have moved to a remote form of working where odd requests can’t be verified in person.
Dependent Network Interruption and Recovery
It isn’t just your company which is susceptible to cyber-attacks, any third party you work with is faced with the same risks. Think about the cloud services, email providers, and any other third-party services your company employs.
If these services were to be lost for any period of time, it is likely you would lose income which is where dependent network interruption and recovery coverage comes in. Having this coverage on your policy will cover the loss of business income due to these third-party outages.
After a cyber-attack or event, it is likely your company will experience some reputational damage. Having a policy which includes this coverage can help cover losses you may experience due to reputational damage as a result of a data breach or hack.
Overall, the exact coverage your business needs will depend on its unique set-up and your risk management plan. Some of the above options are optional and may not be needed to keep your risk of a cyber-attack at bay.
Questions about which coverage is right for you? The consultants at Droits d'auteur can help. They will review your business and let you know which coverages are most important for your risk management plan.
The Benefits of Having Cyber Insurance
Besides having the aforementioned coverages in your cyber insurance plan, note that there are many additional benefits which come with having a cyber policy in place.
When you have a cyber insurance policy in place for your business, you can guarantee your breach or hack will be addressed in a timely manner as the insurance company is also looking to lower their loss.
If you are uninsured, and try to hire the experts to address your hack, you may find that you are at the bottom of the priority list, or you may find yourself unable to hire anyone at all.
Doors Will be Opened
Many cyber insurers have a vested interest in ensuring your company is safe while it operates. Cyber insurance companies typically provide lists of third-party resources you can use to check on and improve the security of your business.
Additionally, following a cyber event within your company, you will be provided with connections to the best professionals to ensure your company is safe from future attacks.
You Won’t Need to Stress
Cyber-attacks or hacks are terrible, there is no other way to put it. But when you have a cyber insurance policy, much of the stress associated with an event is alleviated, allowing you to still focus on your business while professionals help you combat the attack.
What isn’t Covered in Cyber Insurance?
Although it may seem like everything under the sun is covered in a cyber insurance policy, it’s important to note that there are some events which won’t be covered in any cyber insurance policy. These events include:
- Payment card industry fines
- Acts of war
- Acts of terrorism
- Property damage
Although these items aren’t included in your typical cyber policy, they may be covered in other types of insurance policies. If you are concerned about property damage for example, you may benefit from having a property insurance policy for all the devices you are concerned about being damaged.
Ready to Lower Your Risk with Cyber Insurance?
Regardless of your company, industry, or niche, in an increasingly digital world, we can no longer consider cyber insurance as an optional insurance coverage. Attacks are only becoming more prominent, and your business could be next.
So don’t wait, contact one of the professionals at Droits d'auteur today. Axxima has the expertise and resources to help you with your cyber risk management plan and assist in the select the best cyber insurance for your business.