Watch an excerpt from the fireside chat among Trava CEO Jim Goldman, insurance industry veteran Charlie Wilmerding, and Trava Director of Insurance Ryan Dunn as they talk about cyber insurance, past, present, and future. #BeCyberSmart

Still not convinced your small business should carry cyber insurance?

Read this blog to learn more about the intersection of understanding risk, mitigating risk, and transferring residual risk for a complete cyber risk management program.

In this conversation, Trava CEO Jim Goldman, insurance industry veteran Charlie Wilmerding, and Trava Director of Insurance Ryan Dunn talk about how a better understanding of cybersecurity helps you make better investment decisions and buy the right cyber insurance for your needs. Just like cyber risks facing companies vary from business to business, cyber insurance that's fit for one company may not be right for your company.

There are two fundamental parts to a cyber insurance policy:

  • First-Party: First-party claims are claims made by your company as a result of losses your company suffered due to cyber threats.
  • Third-Party: These are claims made by outsiders against a business, such as a customer whose credit card information was stolen due to a breach at the credit card company.

While insurance companies feared that third-party claims would make up most cyber insurance claims, the opposite has proven to be true. The cost of first-party claims far exceeds the cost of third-party claims today. This includes the cost of figuring out how a breach happened, how a business can resume business after a ransomware attack (business interruption), and more.

Ransomware claims are growing in popularity and are some of the most volatile, costly first-party claims insurers face. However, social engineering attacks where cybercriminals trick someone into sending money to an unintended recipient are among the most frequent attacks today. The growing popularity of these types of fraud shows that you don't have to be an enterprise company to be targeted by criminals; even simply sending payments or handling sensitive information could put you at risk.

Even if you don't think cyber threats are a problem for your company, they probably are. You may not handle sensitive data, but you might use a SaaS application that handles customers' sensitive data, and no SaaS application is immune to cyberattacks. Understanding all of these vulnerabilities is an important part of making sure your business is secure and purchasing the right cyber insurance.

There are tens of thousands of SaaS applications on the market, and most businesses rely on at least a few applications on a regular basis. Even if you think your company is safe from cyber threats, performing a baseline cyber risk assessment and getting the right cyber insurance is crucial.