Insuring Your Business Against Cyber Liability
According to one study done by the US Small Business Administration, 88% of small business owners feel their business is vulnerable to a cyber attack. These concerns may be well-founded: according to another study, 61% of all small businesses have reported at least one cyber attack in the past year.1,2
Business owners are required to protect their customers’ personal information. In all 50 states, Guam, Puerto Rico, The Virgin Islands, and the District of Columbia, businesses are required to notify individuals of security breaches involving personally identifiable information.3
As evidenced by news of large-scale data breaches, online hacking has become another form of risk that businesses now face every day. Like many risks, businesses can insure themselves against the financial damage a cyber-attack may inflict.
Cyber liability insurance may cover a range of risks, including:
- Data Breach Management: Pays expenses related to the investigation, management, and remediation of an incident, including customer notification, credit check support, and associated legal costs and fines.
- Media Liability: Covers third-party damages such as website vandalism and intellectual property rights infringement.
- Extortion Liability: Reimburses for expenses associated with losses arising from a threat of extortion.
- Network Security Liability: Covers costs connected with third-party damages due to a denial of access and theft of third-party information.
Cyber liability insurance is fairly new so expect a wide divergence of coverage and costs. It may be purchased separately or as a rider to your current business insurance policy. Be prepared to comparison shop to get a better understanding of coverage and costs.
Small business owners might also keep in mind that “an ounce of prevention is worth a pound of cure.” There are steps you can take to protect your business from becoming a cyber victim.
Consider these steps to protect your data.
- Maintain robust malware detection software and keep existing software updated.
- Train employees not to open links contained in emails from unknown senders. Thirty percent of small businesses consider phishing to be their biggest cyber threat.2
- Encrypt your important data, such as bank account information, customer credit card numbers, etc.
- Perform a security audit.
As obvious and simple as these precautions may sound, some businesses fall victim to cyber-attacks because of their failure to take them.
1. SBA.gov, 2022
2. CyberSecurity-Magazine.com, 2021
3. NCLS.org, 2022