Online criminals are relentless and getting smarter. A system compromise is inevitable for many organizations and individuals, but cyber insurance can offer significant protection
From an insurance point of view, today’s cyber landscape is as dangerous as the wildest storm, the most hazardous road, or the faultiest front door lock. And a recent large-scale cyberattack on SolarWinds—which penetrated the government’s supply chain—proved that not even the biggest players are safe from digital risks that can devastate businesses and the people they serve.
As many as 63% of companies have reported cyber breaches, with $17,700 a minute being lost to phishing attacks alone. This leaves ransomware, crypto miners, botnets, and info stealers (to name only a few threats) to wreak havoc on the security of businesses, customers, and private individuals.
The risk is real, and the threat is evolving. But cyber insurance—sometimes known as cyber liability insurance—is there to provide some protection. In this blog, we’ll cover:
- How does cyber insurance protect businesses?
- How does personal cyber insurance work?
- Where COVID-19 and cybersecurity intersect
- Best practices to augment cyber insurance
How does cyber insurance protect businesses?
Anti-virus platforms, firewalls, and other security steps do what they can to stop criminals from getting in, but every business must accept that no security is invincible. Sooner or later, something can get past the defenses. This is where cyber insurance comes in.
Cyber insurance protects a business from liability in the event of a data breach or other system compromise. These compromises can include invasion of privacy, data/record loss, short or long-term operational interruptions, and reputational damage.
Any of these factors could result in significant financial losses measured by the minute, while the worst could result in lawsuits. Cyber insurance helps to cover the costs of lost profits, software/hardware repair, or litigation. It’s important to note that the level of financial protection provided by cyber insurance is variable, so study your policy carefully to see which outcomes and legal costs are covered.
Dedicated cyber policies typically offer first and third-party coverage. First-party protection handles costs the business directly incurs in responding to and rectifying a cyber event. In contrast, third-party protection addresses expenses related to any entity or individual harmed through the incident. These costs include but aren’t limited to fines from regulatory bodies, lawsuits (both individual and class-action), and media liability claims.
It’s not unusual to find some element of cyber coverage in modern liability policies of the more standard kind, like professional and general liability. But don’t have too much faith in those providing adequate protection. A standalone cybersecurity policy is the surest shield against threats, especially if your business handles and/or stores personally identifiable information (PII).
How does personal cyber insurance work?
Keeping our personal finances and identity safe is just as important as guarding a business. Like many insurance types, personal cyber insurance policies are affordable relative to potential loss and address a significant spectrum of risk. These covered areas can include extortion, data restoration, fraud, attacks, crisis management, and even cyberbullying.
These policies can cover the costs of the event and also the fallout from it. For example, resolving a cyber claim may cause a knock-on effect such as lost profits/salary or possibly legal and investigative fees. Payouts from cyber policies can also help reimburse your service provider for any costs they’ve incurred in resolving an issue.
Coverage costs can vary widely depending on the carrier and level of protection, so shop around before committing to a policy.
Where COVID-19 and cybersecurity intersect
The pandemic has seen more people buying online, more employees working from home, and more struggling businesses that are vulnerable—all of which are magnetic draws for cybercriminals. A late-2020 article from Insurance Business America spotlighted how the desire for cyber insurance has sharply increased as companies adjust to the added risks of at-home employees handling company business on personal devices.
There’s no sure sign on the horizon of when COVID-19 will finally be put to rest, so the need for cyber insurance in the interim remains intensified. And even when the pandemic has been defeated, the employment landscape has undergone such a paradigm shift that—as the news is so fond of telling us—returning to “normal” may be impossible.
Think hard about cyber insurance if you’re now working from home and even more if you run a business remotely. Quality coverage will provide significant protection from a variety of expenses if your system is compromised.
Best practices to augment cyber insurance
Having cyber insurance in place doesn’t mean the heat is off. It’s vital to remember that no insurer will look kindly on a claimant who didn’t do all they could to prevent an incident beyond relying on their policy as a shield.
Everyone from the CEO to the security guard must do their part to ensure they’re not a weak link in the safety chain, and individuals should always scrutinize their online behavior. The U.S. Small Business Administration offers free cybersecurity resources via its Cybersecure My Business program.
These comprehensive guides will help SMB owners and employees improve every aspect of cyber awareness and establish a successful cybersecurity culture. Individuals and families can also benefit from much of the advice in those resources, as well as at-home cybersecurity guides such as these tips from Norton, which help make online safety second nature for users of all ages.
The war for security online is continuously evolving. And putting cyber insurance is typically a smart move for both individuals and businesses of all sizes. Your next online purchase, customer interaction, or download could cost a lot more than you bargained for without it.
NICRIS Insurance focuses on providing clients with the appropriate suite of products to protect them, their interests, and their loved ones. If you need some insurance advice or would like a free, personalized insurance review, just drop us a line, visit our offices Monday to Friday 9 to 5, or call (516) 544-0006.