What Is Cyber Insurance?

Business owner using computer

Cybercrimes are becoming more common as companies transfer more of their data online, making many businesses likely targets. Eighty-eight percent of small business owners believe their business is vulnerable to a cyber-attack.

One way to help protect your business against these problems is to purchase cyber insurance.

But, what is cyber insurance? Keep reading to find out.

What Is Cyber Insurance?

Formally, cyber insurance is a contract between an insurer and a company that states the insurer will help to protect the company against losses that are related to computer-based or network-based incidents.

Cybercrimes can cost businesses financial losses in legal fees. Beyond this, businesses may incur administrative headaches as they recover from the damage that cybercrimes can cause.

A data breach can destroy more than your business' computer system. It can damage your business' reputation and put your employees at risk.

Cyber insurance could protect your business' liability for a data breach. It can cover sensitive customer information, including the following:

  • Social Security numbers
  • Credit card numbers
  • Account numbers
  • Driver's license numbers
  • Health records

Typically, cyber insurance is not included in general liability insurance. General liability insurance plans cover third-party property damage and bodily injuries that may come from your products, services, or operations.

However, our Business Owners Policy is different than typical plans. It includes cyber insurance. On top of that, it includes general liability insurance and property insurance. By bundling all of these plans together, you can save money and time when it comes to payments and claims.

What Does Cyber Insurance Cover?

First and foremost, cyber insurance covers the financial liability that comes with cybercrime. This includes legal fees and expenses.

Besides this, cyber insurance can help cover expenses to hire professionals for the following actions:

  • To investigate the cause of a breach
  • To determine the scope and extent of compromised data
  • To provide recommendations to fix the issue to help prevent another attack from occurring

If a data breach does occur, most states require companies to notify their customers. Some states make it a requirement for data breaches that involve personally identifiable information.

Alerting all of your business' customers can be extremely expensive, so cyber insurance could take care of expenses associated with it. By making sure to alert all your customers quickly, it could help to repair your relationships with them. So, your business is less likely to take an even bigger hit on its reputation and minimize the amount of damage that could incurs from a data breach.

What Does Cyber Insurance Not Cover?

Obtaining cyber insurance does not shift the liability of a cyberattack away from your company. The responsibility of keeping your customers' information safe is still in your hands. While your insurance company can cover legal expenses for covered losses, they are not responsible for legal ramifications that your company could encounter.

You should know that cyber insurance does not instantaneously solve any and all computer problems that you might be having. In other words, having this insurance will not prevent a cyberattack.

Even if you purchase cyber insurance, you should still have safeguards against cyberattacks.

Who Needs Cyber Insurance?

Cyber insurance is a necessity for almost any business in today's world. Given the boost in digital transformation over the past year, most organizations have some component of their business activities online.

If your business has an online component or stores any information online, it's time to consider protecting your small business with cyber insurance. Any business that relies on technology for conducting any of its operations would benefit from having the protection that cyber insurance provides.

If your business hasn't taken the plunge into the cyber world, you may still be at risk. Cybercriminals who attempt to steal information from business networks are looking for contact details, intellectual property, sensitive financial data, and the like.

You should consider cyber insurance if any of this information is held online.

Besides the obvious online information, cybercriminals are also known for breaking into networks. Hackers may be able to get into your business' network and apply ransomware. This can take down your entire network and delay business operations that you hold online.

Luckily, cyber insurance can also help protect against this. As we discussed earlier, cyber insurance could assist with expenses related to hiring professionals to determine the extent of damage that cybercriminals have caused.

What Are the Most Common Cyber Insurance Claims?

With cyberattacks becoming more and more common, cyber insurance claims are happening more often than ever. Businesses file most of their cyber insurance claims after four major cyber-related events:

  • 1. Hacking
  • 2. Ransomware
  • 3. Phishing
  • 4. Employee negligence

Each one of these claims can add up to big bucks for the company that they're affecting. In fact, because of the financial burden that comes with these kinds of incidents, most companies take a preventative approach to cybercrime.

However, once one of these happens, it's time to initiate your insurance policy and recover as quickly as possible.

1. Hacking

Hacking happens when someone breaks into your company's computer network. From there, the hacker can steal your company's data. Your company becomes liable for all of the costs related to recovering the data and protecting affected customers.

Sometimes, after a hacking event, companies have to look into forensic services. These professionals can gather a lot of information regarding the cyberattack:

  • They can determine the cause of the attack
  • They can discover the extent of the hacking
  • They can present findings in a legal proceeding

2. Ransomware

Ransomware attacks happen when someone installs malicious software on your company's computer system. This software threatens your company's data. In return, the attacker may ask you for a pricey ransom.

In some cases, cyberattackers will threaten to download malicious software before actually doing it. In this case, company data isn't threatened unless the ransom isn't paid and the software is downloaded.

If you have cyber insurance and one of these cyberattacks happens, your policy could cover the cost to notify impacted parties. However, it's important to note that your policy may only cover a certain amount of expenses.

The limited amount of coverage that you get for your cyber insurance policy will depend on the kind of policy you have and the amount that you're paying for that policy. It's likely that larger companies will pay for larger plans since costs for those companies are higher when it comes to cyberattacks.

3. Phishing

Phishing occurs when someone convinces your employees to disclose sensitive information in regard to your company. This information may include login credentials, passwords, identification numbers, or other things.

Usually, phishing occurs through email, although employees may receive communication in other ways.

Employee education is the best way to prevent phishing. Anti-phishing programs teach employees how to spot and report phishing scams that may show up via their work email.

Often, these phishing emails have a few things in common:

  • Poor grammar and spelling
  • A request for sensitive information
  • A time constraint
  • A threat

By detecting these kinds of attacks before they can do any harm, your employees can avoid giving away sensitive information to hackers.

Phishing attacks can also occur over the phone. Someone may ask your employees to give away their passwords, identification information, or other sensitive details.

Whether cybercriminals are able to gather this information via email or phone, they can use it to get into the company's server without having to use hacking. From there, they can steal data, make financial transactions, and more.

4. Employee Negligence

Employee negligence happens more often than companies would like to believe. Businesses spend time training their employees on the sensitivities and value of the information that they have. However, mistakes still happen.

One of your employees could lose their laptop or send an email to the wrong address. They could lose the sticky note with their password on it or share sensitive information while out with friends.

No matter the circumstances, your company will become liable for any lawsuits that it incurs regarding lost data. One way to prevent employee negligence is through education. You may have a program set up during employee orientation, but it's easy for these details to get lost with time.

Therefore, you need to make sure that your employees are constantly being reminded of the sensitive data that they have access to. You may have to post signs around the office building or send out regular emails.

The more often you remind your employees about being careful with their information, the less likely any of these negligent events will happen.

How Much Does Cyber Insurance Cost?

The cost of a cyber insurance policy for your business will depend on several factors:

  • The size of your company
  • Your company's annual revenue
  • The industry that your company is in
  • The type of data that your company handles
  • Your company's past claim history

A business that has poor cybersecurity and has a previous history of falling victim to hackers is more likely to get charged more than a business that has strong cybersecurity with no prior cyberattacks.

Likewise, a business that is in an industry that is more sensitive to attacks is more likely to get charged more. For example, businesses that are in health and finance are likely to have higher bills because the data associated with those companies is more sensitive and more targeted.

As you're shopping around for the best cyber insurance policy for your business, you should take your business' current situation into account and determine who's offering the best deal for your level of protection. You should also make sure that you're reading all of the fine print as some cyber insurance policies will only cover cyberattacks if the business has a certain level or kind of protection that could have prevented the attack.

Where Can I Get Cyber Insurance?

After reading all of this information about cyber insurance, we're sure you can answer the question, "what is cybersecurity?" like a pro. However, there's still one last thing to take into consideration: where to find cyber insurance.

One way to obtain cyber insurance coverage is by getting comprehensive Business Owners Policy insurance. Our comprehensive insurance plan combines multiple commercial insurance policies, including cyber risk insurance as well as general liability and property insurance. By bundling all of these plans, you may be able to save money and get the consistent care that your business needs.

To get started, request a quote. The process takes only a few minutes. You'll be on your way to complete coverage in no time.


Get a Quote Now >