You may have heard of Cybersecurity insurance, also known as cyber insurance or cyber liability insurance, and wondered whether taking out a policy is worth the investment each month.
With most businesses relying almost completely on technology to run, managing the risk and impact of cybercrime has become an essential part of running any business. Here we take a look at what cybersecurity insurance is, and whether your business needs it or not.
What is cybersecurity insurance?
Cybersecurity insurance policies are specifically designed to cover you and your business from the financial implications that result from an attack. These can include legal fees, investigators, customer credits and refunds, the costs associated with business interruption including loss of income and related financial loss. However, every policy is different, and it is essential to find the right policy that fits your business needs.
These policies tend to have two key categories –
· First Party Coverage – covers attacks or data breaches within a business’s own network that has directly impacted the business. This policy will pay out for direct and indirect costs if you lose data, software, money, or customers due to downtime.
· Third-Party Coverage – covers losses suffered by others, such as theft and damage to their data, blocked accounts and websites. As well as costs related to lawsuits and liabilities.
There are two options to look at when protecting your business. Cyber Insurance and Technology Errors & Omissions Insurance (Tech E&O). Both cover part of the costs associated with data breaches, but Tech E&O protects your company when a client is harmed, and Cyber Insurance covers the costs to your business and its customers in the instance of an attack. For example, if your business is subject to a cyberattack and customer credit card details are accessed, Tech E&O will not cover you for this, but Cybersecurity insurance will.
Is it worth it?
Now that we have covered what Cybersecurity Insurance is, is it worth getting? If your business creates, manages, and stores sensitive data such as bank and credit card details, names, addresses and contracts, or does a lot of business online. Then, no matter the size of your business, Cyber Insurance is probably worth the investment.
According to the 2022 UK Cybersecurity Breaches Survey, 39% of businesses identified a cyberattack within the last 12 months. And a study completed by Hiscox in 2018 found that 65,000 cyber-attacks are attempted on small businesses every day!
E-commerce businesses can also benefit from the insurance, as customer information is often stored online, and downtime related to a hack can incur loss of sales and customers. With 60% of small business going under within six months of a cyberattack, it’s worth covering your business for the financial losses incurred, potentially saving your business.
What is and isn’t covered?
Like many other insurance policies, every policy is different, with different inclusions and exclusions. But, in general, most Cybersecurity Insurance will cover Phishing, Malware and Hacking.
Ransomware attacks are also debilitating for many businesses, so if you are considering taking out cyber insurance, it is worth checking whether your policy covers ransomware attacks, if it is offered as an optional extra and if they cover the full cost of ransom payments.
It is also worth bearing in mind that policies don’t tend to cover potential future loss of profits, the loss of value to intellectual property theft and betterment costs – your insurance will often help to recover your systems but won’t pay for them to be improved after a security breach.
What next?
If you think taking out a Cyber Insurance policy is the right thing for your business, then the next steps we would recommend taking are to work out the level of cover you need and to discuss your options with an IT provider. They will be able to advise on what your business would need from a policy and may be able to recommend an Insurer.
It is worth remembering that even with a good Cyber Insurance policy in place, having good online security will be your first line of defence. Our recent blog on protecting your clients’ data will help act as a guide to ensure you’re securing your business as best you can.
If you’d like to discuss Cybersecurity Insurance for your business, give us a call on 0207 100 9317 and our friendly team will happily have a chat with you.