In an age where cyber threats loom large, safeguarding your business is paramount. Cyber insurance offers that shield, and acquiring coverage before an attack occurs is essential.
Last year RCS held a webinar featuring insights from an insurance broker and underwriter. Here are the key takeaways:
Coverage Necessity: If your business handles client data or stores company information online, cybersecurity insurance is a must-have.
Comprehensive Protection: Cyber insurance can cover the costs of notifying customers about breaches, legal defense, and other expenses associated with cyber incidents.
Policy Scope: Cybersecurity insurance includes policies for data breaches and cyber liability, making it a versatile protection tool.
Supplemental Coverage: Consider augmenting your business owner's policy with cyber insurance for added security.
Cybersecurity insurance shields businesses from financial losses stemming from events like data breaches, system hacking, ransomware extortion, and more. Even small businesses that store sensitive data online or on computers should consider some level of coverage.
You can obtain cyber insurance as a standalone policy or as an add-on to your existing business owner's policy, offered by various insurers. Below, we delve into the types of cybersecurity coverage available:
Understanding Cybersecurity Coverage Types
First-Party Coverage: This aspect covers expenses such as investigation, risk assessment, lost revenue due to business interruption, ransomware attack payments, and customer notification in the event of a cyber incident. Data breach insurance is a common form of first-party cybersecurity coverage.
Third-Party or Cyber Liability Coverage: Cyber liability coverage safeguards your business if a third party sues you due to a cybersecurity incident. It covers attorney fees, court costs, settlements, judgments, and regulatory fines related to data breaches, which general liability insurance typically excludes.
Technology Errors and Omissions (E&O): Tech E&O insurance comes into play when a cybersecurity incident in a customer's business results from an error on your part. It covers legal fees, court costs, and settlements or judgments, but only in specific situations involving goods or services.
Who Needs Cybersecurity Insurance?
Almost every business, regardless of its size, faces cyber risks. However, cybersecurity insurance is especially vital for:
- Businesses storing important data online or on computers.
- Companies with large customer bases.
- High-revenue businesses with valuable digital assets.
If you're uncertain about your need for cybersecurity insurance, consult a local business insurance agent to assess your risk level and potential premiums.
What's Excluded in Cybersecurity Insurance?
Cybersecurity insurance typically excludes coverage for:
Property damage: Cybersecurity insurance generally doesn’t pay for any property damage stemming from a data breach or cyberattack, such as hardware that was fried during the cyber incident. These sorts of claims are usually covered by commercial property insurance.
Intellectual property losses: During a cyber incident, intellectual property losses and any lost income associated with it are commonly excluded from cybersecurity insurance coverage.
Crimes or self-inflicted cyber incidents: Virtually no cybersecurity policy is going to cover a business that is charged with committing a crime related to or causing a cyber incident. Commercial crime insurance generally covers theft by employees, though.
Costs for proactive preventive measures: Protective measures to avoid a future cyberattack, like training employees on cybersecurity and setting up a virtual private network, probably won’t be covered by a cyber insurance policy.
How to Obtain Cybersecurity Insurance
Most commercial insurance providers offer cybersecurity insurance. Consider options like Munich Re Specialty Group Insurance and Marsh & McLennan Agency. Some insurers offer cyber insurance as an add-on to business owner's policies.
To determine the right coverage and cost for your business, obtain multiple quotes. You can easily compare options from online business insurance providers or collaborate with a business insurance agent.
Determining Coverage Limits
The average small business typically carries cybersecurity coverage limits of $1 million. However, your unique risks and requirements should guide this decision. An insurance agent can help you determine the appropriate level of coverage.
While cyber insurance premiums can be significant (around $140 per month on average), it's a worthwhile investment compared to the potential costs of a cyberattack. Small businesses, in particular, could face crippling expenses in the absence of coverage. According to Hiscox's 2021 report, the average cost of a cyberattack for small enterprises with fewer than 250 employees was approximately $25,600, which could have dire consequences for some businesses.
For more information on optimizing your IT and securing your network, contact RCS Professional Services to speak with an IT professional or visit our website www.rcsprofessional.com. You can also visit our YouTube channel to view our past live stream on Everything You Must Know About Cyber Insurance.
Robert M. Long, Risk Management Consultant at Marsh & McLennan Agency
James Brogan, Vice President & Regional Underwriting Manager at Munich Re Specialty Group Insurance
