Cyber Liability Insurance
Cyber liability insurance protects you from the costs of data breaches, extortion, or other digital crimes. Coverage can also help you recoup lost business income when your network is disrupted by a cyberattack.
There are several factors that will determine how much cyber liability insurance you need. Some of these include the size of your business and the risks unique to your industry.
1.Coverage
Cyber liability insurance provides coverage to businesses for losses resulting from computer system hacking, a data breach, or other cyber events. It is a special form of business insurance, and it may be purchased as a standalone policy or in conjunction with traditional commercial general liability policies.
A typical cyber liability policy includes first-party coverage, including payment of cyber extortion payments, forensic investigation, notification of affected customers, customer credit and fraud monitoring services, crisis management and public relations, and business interruption insurance to help cover losses from interruption to operations. It also provides liability coverage, indemnifying companies for losses caused by errors and omissions or failure to safeguard information.
The amount of coverage provided by a cyber liability policy depends on the size of the business and its annual revenue. The volume of data, revenue, and the number of records containing personally identifiable information (PII) protected health information (PHI), or financial account information stored on a business’s systems are significant factors in determining premium costs.
There are a variety of insurers that provide cyber liability insurance, and you can find one that suits your business’s needs by using an online broker. The best brokers provide comprehensive coverage and a range of options for deductibles, limits, and claims processes.
You can start your search with CoverWallet, an insurance marketplace backed by Aon and offering cyber liability quotes from multiple A-rated insurers. Answer a few questions about your business, and you’ll have quotes ready to compare within minutes.
In addition to quoting:
CoverWallet also offers resources to help you understand the value of cyber liability insurance and how to secure it. Its services include cyber security guides, an online tool to identify your business’s unique risks, and a 24/7 support team that can answer your questions about coverage.
As with any insurance purchase, you should perform an evaluation to ensure the cost of cyber liability insurance is below your company’s annualized loss expectancy. This estimate is determined by calculating your company’s annual rate of occurrence (the likelihood of an incident occurring each year) and the single loss expectancy (the cost of a single incident).
2.Exclusions
Cyber liability insurance is designed to cover business losses resulting from the loss or theft of sensitive data. These include Social Security numbers, credit card information, driver’s license numbers, and health records.
While the coverage can be expensive, it’s important to have it in place. In addition to protecting your business, it can also help you avoid fines and penalties imposed by the payment card industry (PCI) following a data breach.
Many cyber policies include exclusions that are often difficult to negotiate. These exclusions can include acts of war, failure to maintain standards, payment card industry (PCI) fines and assessments, and prior acts.
Acts of War:
These exclusions should be well negotiated, especially when they apply to a nation-state attack. Insurers typically consider nation-state cyber attacks an act of war, and they are not typically covered under a standard cyber policy.
Failure to Maintain Standards:
This exclusion can be a concern when the business is relying on third-party vendors or suppliers to protect its data. If these contracts don’t have adequate security standards, it could be impossible to get paid when a data breach occurs.
PCI Fines and Assessments:
These are a significant source of loss for businesses that deal with payment cards like Visa and Mastercard. A data breach can result in the need to pay hefty fines, and these penalties can be prohibitive for many businesses.
APCI is the leading entity for assessing these fees, so it’s vital to have your cyber policy address this exclusion.
Intellectual Property:
IP is the value that a company has built over time through the creation and development of its products, services, and processes. This can be valuable, and hackers may seek to use that value to their advantage.
It’s common for companies to have a large amount of proprietary information stored and protected on their systems. If it is exposed, this could lead to litigation or other legal claims.
Ransomware:
This is a type of cyber attack where hackers encrypt your files and demand a ransom to restore access. These attacks are up 148% this year, making them a hot topic in the industry.
3.Limits
Cyber liability insurance offers limits to protect a firm from lawsuits that arise from data breaches, computer system outages, network security breaches, and malware attacks. It can also cover losses incurred from third-party liability, such as the costs of paying fines and penalties, credit monitoring fees, public relations costs, and restoring or rebuilding private data.
Limits range from $1 million to $5 million or more and vary based on a company’s risk. Low-risk firms, such as retail stores that handle a small number of customer records, can buy a policy with a lower premium than companies that store large amounts of sensitive personal information, for example Social Security numbers and dates of birth.
Most firms begin with a $1 million cyber policy that has both first-party and third-party coverage. As a firm grows and becomes more comfortable with the coverage, it often moves up in $1 million increments to $2 million to $5 million.
Also:
While these initial limits are appropriate and reasonable, they are not enough to ensure long-term profitability in the face of a rapidly changing cyber landscape. For that reason, many firms are considering buying partial programs that include self-insurance mechanisms and external protection that can top up these gaps.
One of the most effective ways to save money on your cyber policy is to compare quotes from multiple providers using a service like CoverWallet. It’s a website that lets you answer a few questions about your business and get quotes from multiple A-rated insurers.
Another option is to require your clients to purchase cyber liability insurance in their work contracts. This can help your clients save money on their own policies and avoid costly lawsuits if they do not have coverage.
Limits and deductibles vary greatly from policy to policy, so it’s important to read your contract carefully. If your insurance provider doesn’t have a specific maximum amount for a deductible, you may want to ask them to put that in your policy. This way, you can make sure your coverage is sufficient for any unexpected incidents that occur.
4.Recommendations
Cyber liability insurance is a critical part of any business’s security strategy. It provides coverage for financial losses resulting from data breaches, viruses, hacking, denial of service, and other cyber incidents. This includes legal fees stemming from civil suits, regulatory fines and penalties, and mandatory forensic examinations.
In addition to offering a number of coverages, many cyber policies also provide recommendations for how to reduce your risk. These include deploying multifactor authentication, which requires more than just a username and password.
MFA:
which is increasingly being adopted by both consumers and businesses, can help protect against account compromise in the first place by requiring an additional step of verification beyond a username and password. This may include something as simple as smartphone push notifications or hardware keys and biometrics.
While MFA is not a necessity for all small businesses, it is recommended by cybersecurity and insurance experts as a basic step to take in order to help ensure that you are protected against threats that might arise from an email compromise or other digital breach. It can also be helpful to implement a zero-trust model of cybersecurity wherein you only allow trusted people to access certain parts of your network and never the entire thing.
Another important recommendation for small businesses is to add cyber liability coverage to their general liability and property policies. This can provide a lot of valuable coverage, especially when the costs of a breach are high or even catastrophic.
When determining how much cyber liability insurance is right for your business, consider these factors:
5.Industry:
The higher the industry your business operates in, the more likely you are to be exposed to cyber risks. This is particularly true if your company stores sensitive information or handles payment card numbers.
6.Premium:
Insurers will typically raise premiums for large or high-risk companies. This is because it’s more expensive for them to pay out large claims in the event of a major loss.
7.Policy Limits:
Cyber policies generally come with limits that are either a percentage of the total value of your insured assets or the total amount of money that the policy will pay out in a given year. This can be estimated to range from a few thousand dollars to several million.
8.Tips for Navigating Cyber Liability Insurance
As cyber-attacks spike to never before seen highs, companies are turning to cyber liability insurance as a solution to mitigate the potential financial losses and legal liabilities that result. But with the sector still in its infancy, it may not be a sustainable option for some businesses.
Cyber policies typically cover business interruption loss incurred as a result of an incident on your network or security system that affects your operations. But coverage is limited and there are often several factors that must be considered to determine whether the policy will pay for these costs.