Does your business use data, a computer, or the internet? If any of these are compromised it could be a costly event for your business if you don’t have the proper cybersecurity insurance to protect you. Here’s what you need to know.
Most often, you’ll hear about big corporations getting hit by cyberattacks but small businesses are the most at risk since they typically don’t have large technology departments or IT staff. The best way to protect against cyberattacks is with strong internal safeguards but security is never one-hundred percent effective and breaches can occur even with safeguards in place. That’s why businesses need to consider cybersecurity insurance. This type of insurance helps businesses respond effectively to a data breach, virus, or cyberattack. It covers the costs to recover and get back to doing business as usual. It also covers legal claims resulting from the event. Any business that stores sensitive data in the cloud or on an electronic device should have cybersecurity insurance. A general liability policy or professional liability policy usually contains basic cyber liability coverage but businesses that store personally identifiable information for employees or customers should have stand-alone or enhanced cybersecurity insurance.
Insurers have only started offering cyber coverage within the last couple of decades. Due to its short existence, there’s no such thing as standard cyber insurance, and coverage can vary depending on who you purchase it from. The variety of policies available can create challenges when trying to compare them but most insurers include these types of coverage in a cybersecurity policy:
Work back from a hypothetical incident and figure out how much it would take to recover. Consider how many sensitive records you store, their type, and where they are stored. If a breach occurs, what would it take to inform your customers and protect them? How long would it take? Where do you store sensitive data (website, remote services, mobile devices, etc.)? How much would it cost to replace affected hardware or software? Do you have a security team to help mitigate the damage, or would you need to bring in a consultant? Do you have a public relations professional to answer questions from the public? If you can’t answer these questions, you’ll need to hire an IT security firm to audit the business and determine your risk. An insurance broker will be able to use the audit to help you figure out how much coverage you need.
Cybersecurity insurance is an evolving but critical piece of coverage that can help minimize the damages if you are attacked. Understanding the coverage you need and having it in place is essential and we can help.