Articles

Breaking Down Cyber Liability Insurance

Learn the basics of cyber insurance and why your company should invest in it.

Learn the basics of cyber insurance and why your company should invest in it.

If your business has even one computer, you’re susceptible to cyber attacks. Despite various precautions, cyber attackers continue to evolve and become more dangerous. Cyber liability insurance, sometimes shortened to just cyber insurance, can help in the aftermath of a cyber attack. This article aims to explain the components of cyber insurance and the many benefits it offers.

Cyber liability insurance protects companies in case of data breaches and related digital attacks. It both provides financial compensation and legal protection. Note that this is different from data breach insurance, which only provides financial compensation.

Cyber security itself has been around since the 70s. Still, even the most advanced programs can still leave you susceptible to attacks in one way or another. Cyber liability insurance emerged in the 90s and has since developed to match new threats, including various types of attacks and addressing business interruption risks. When cyber attacks strike, there’ll be more than just the cost of recovering your data. You’ll face court costs, investigation costs, and customer reparations, along with many other assorted financial losses.

Trava recommends finding a policy that includes ransomware coverage, social engineering coverage, all forms of data breaches (not just digital), loss of income coverage, and dependent business interruption coverage. To get the best plan for your company, work with cyber insurance brokers, like the ones at Embroker or Coalition. Cyber insurance leaders include Hiscox, Chubb, and AIG, but there are multiple you can work with—including us at Trava. Before you dive into various brokers and companies, however, let’s break down what cyber insurance can really do and the options you have.

Secure for the known, insure for the unknown

Your destination may be achieving compliance in industry certifications such as SOC2 or ISO27001, but it doesn’t stop there. With Trava, our modern tools can help you bridge the gap between where you are and where you want to be by giving you the control to assess your risk, repair the most vulnerable areas, and transfer risk through insurance.

Cyber Insurance Explained

There are many types of cyber insurance with different protection packages. First-party cyber insurance protects the direct group of people who are affected by the attack, protecting you from breaches in your own system. This means you would be covered in the case of data destruction, hacking, online theft, extortion, and deliberate or accidental denial of service. According to Cyber Insure One, all of these can be separated into distinct categories:

Another section of cyber insurance is called third-party coverage. It differs from first-party in that it protects against lawsuits from clients if a breach occurs on their or a third-party system. Third-party liability coverage helps with the following:

Insurance like this can significantly help small businesses who’d struggle to cover these costs out of pocket. Trava helps small businesses through the process of finding the right coverage plan, offering free consultations with brokers. And remember, just because you have insurance, it doesn’t mean you can neglect cybersecurity. For another resource for small businesses, check out this cyber security PDF from the Federal Trade Commission.

Cyber insurance actually will not protect you from everything, so it’s important to stay alert. What does cyber insurance not cover? Examples could include:

Make sure you’re aware of what your plans will and won’t cover. When getting an estimate, talk these things over with your broker so you don’t enter a plan thinking you have more covered than you actually do.

Cyber Insurance Benefits

You might be asking “what does cyber insurance cover without all the add-ons?” Common issues with cyber security include cyber extortion, social engineering (such as phishing campaigns), business interruptions, virus transmissions, and legal fees/regulatory fines. Different types of cyber insurance can add on additional protections, but a good plan will get you these as a baseline.

Let’s look at additional benefits. Imagine your company gets hacked. If you are uninsured, you are pretty much on your own. You’ll have to pay for your own legal costs and find your own solutions to retrieve data. Now imagine you have a good insurance plan. Instead of floundering, you’ll get financial aid, help recollecting your data, and assistance in sending out the proper notifications for your clients.

You can also lower the price of your monthly premiums in ways that benefit your business beyond just savings. By earning a SOC2 or ISO 27001 certification (security compliance certificates) premiums can decrease while also boosting your business’s cybersecurity knowledge. The inclusion of multi-factor authentication, password policies, and employee phishing training can also enforce safer digital practices. These reduce risk on behalf of the insurance companies and lower the price you pay monthly. Talk to your cyber insurance broker for more specifics on what your company can do.

Do you know your Cyber Risk Score?

You can't protect yourself from risks you don't know about. Enter your website and receive a completely free risk assessment score along with helpful information delivered instantly to your inbox.

Cybersecurity Insurance Requirements

When you’re looking for cyber security, don’t be alarmed if they have some requirements for you to fulfill. This is to prevent high-risk investments by giving you a foundation for your cyber security. Some common cybersecurity insurance requirements include:

Trava CEO Jim Goldman gives some additional questions companies might ask you to determine the price of your premiums:

You should also have a cyber insurance coverage checklist to make sure insurance companies are meeting your needs as well. You may want to discuss the following examples of components concerning your policy:

Cyber Insurance For Small Businesses

There has been a massive increase in recent years. For example, the Internet Crime Complaint Center noticed an increase of 69% in cybercrime reports between 2019 and 2020. The National Cyber Security Alliance conducted a study in 2012 in which 60% of small businesses that faced a data breach went out of business within six months.

The main issue is just a lack of funds to deal with the fallout of a data breach. The average cost of a data breach in 2022 is $4.35 million. For small businesses, this could be crippling—oftentimes being the company’s end. It might seem tempting to just amp up cyber security (and it’s always a good idea to upgrade your security), but that is not enough to truly protect your company.

As a small or medium business, you are also being intentionally targeted by cybercriminals. Small businesses are three times more likely than larger businesses to be targeted for cyber crimes. This is because of the lack of protective resources (that big businesses already have to counter their attacks) and the presence of valuable client and employee information. However, a majority of small businesses don’t have insurance or protection plans in the case of a breach.

Cyber liability insurance for small businesses can help even before an attack even occurs. To reduce risk, insurance companies will often provide resources to increase cyber security. These initiatives can decrease the gap between big and small businesses in digital security resources, reducing the likelihood that they’ll be targeted by cybercriminals. If your company is skeptical of the price of cyber liability insurance, companies can charge as low as $200 annually, depending on your plan.

Cyber Insurance Market

Despite an all-time high in 2021 in which businesses were paying 133% more for insurance, prices have begun evening out. Though these prices can still be relatively high, the previously mentioned methods can lower premiums.

When looking for a provider, make sure you’re actively updating your cybersecurity practices. This makes you more appealing to cyber insurance companies, as there’s less of a risk of your data being breached. Require training for your employees, and keep your software updated as a bare minimum. Some companies even include cyber security clauses in contracts for both their employees and third-party services.

And don’t forget, small businesses benefit immensely from cyber liability insurance. According to some insurance companies like The Hartford, cyber insurance plans for small businesses might be better as data breach insurance. However, this might not do enough in the long run when a cyber attack hits.

Need help with your insurance search? With such an abundance of policies in this ever-growing market, check out Trava’s services. Not only will we show you where you can improve your cybersecurity, which can lower your insurance premiums, we also help small businesses find insurance that best works with their specific needs. Our cyber quoting tool can give you free quotes for up to eight different carriers, so to kickstart your research, contact Trava today.

Sources