Focus on Cyber Liability Insurance for Small Business

September 21, 2017

If you're in business, how high would you rate your chances of being hacked? If youanswered "zero" it must be because you don’t use computer systems.

Or perhaps you're not aware that, every year, over 43 percent of all small and medium businesses are targeted by cyber crooks. That's the word from New York Small Business Development Center.

And that's why cyber liability protection is one of the fastest growing sectors of the insurance market.

That -- and the fact that on average it costs $38,000 to put things right after a hack attack. These costs are steadily rising and many smaller businesses simply never recover from a breach.

Cyber Liability Versus Data Compromise

Although most of the cyber security insurance terms are interchangeable, there is an important distinction that needs to be understood.

Cyber liability insurance is the umbrella terms covering all of the risks outlined above. But it may be possible to insure against just the costs of the loss of data -- what is known as data compromise insurance.

This is a sort of "first party insurance" -- in other words, a company buys protection against their data being breached.

This is significant for tech companies and IT service providers, who not only face the risk of their own systems being hacked, but also being blamed when one of their clients' systems are breached,

These companies need to insure themselves as above but also take out liability insurance against being sued by a client. This type of coverage is called "third party cyber risk insurance" and wouldn’t be covered in a data compromise policy.

And if you're not in IT but employ a contractor to provide your systems and support, always check that they have third party cyber security coverage.

Aren't I Already Covered?

A standard commercial liability insurance policy rarely covers cyber liability.

But you may already have a level of protection. For example, a few general liability and some business owner's policies (BOPs), directors and officers (D&O), tech errors and omissions (E&O) and even medical malpractice coverage may include an element of cyber security protection.

However, it may be inadequate for today's risks and the costs of putting things right. Or it may not be there at all. So, speak to your insurance professional to understand what coverage you already have and whether this should be supplemented, either within the policy or through standalone coverage.

Cyber Liability Risk Management

Reducing your cyber liability risk is often down to taking some commonsense measures to protect your systems and the data they store.

Your risk management policy might include:

  • Installing commercial-grade security software and keeping it up to date
  • Installing a software or hardware "firewall" that blocks unauthorized external access to your systems and your Wi-Fi networks
  • Backing up all of your data and storing it off-site
  • Limiting employee access to systems and carefully vetting those who do have access (some data breaches are inside jobs)
  • Educate all employees on the importance of cyber security. Ideally, have a written policy that is given to all employees. Display posters reminding employees of the risks.
  • Use strong passwords that are regularly changed. Ideally, every employee should have a unique password so you can always tell who has been accessing your systems or who's responsible for a security breach.

Do I Really Need Cyber Liability Insurance?

You decide. But consider this:

  • Over 18 million US businesses already have cyber security insurance.
  • Nearly two thirds of businesses targeted by hackers are small firms.
  • As recent events have demonstrated, the risk of an attack is increasing.
  • So is the sophistication of criminal activity that can break through seemingly secure systems.
  • The regulatory environment is tightening -- New York state introduced new rules this year -- and is likely to continue to do so.
  • The costs of making good after a data breach are also climbing rapidly.
  • The very survivability of your firm could depend on being properly protected.

If you'd like to discuss protecting your business against cyber attacks, please speak to the cyber liability insurance experts at Newbridge Coverage 1-516-781-9000