As a technology company, we understand the risks associated with data and technology in today’s business environment. Data breaches, network outages, cyber extortion, and other cyber risks are becoming increasingly important for tech and non-tech companies.
Virtually every business today that uses technology or manages digital information is exposed to cyber risk. Cybersecurity is a challenging topic for many. The threat and potential impact of cyberattacks is growing exponentially. In fact, statistics show that 60% of hacked SMBs are closed within six months of a cyberattack.
It’s no surprise that large companies see cyber insurance as an integral part of their risk management program. Well-known companies such as Chipotle, Trump Hotels, Wendy’s and Arby’s have recently faced serious cyberattacks.
We have created this guide to help our readers understand the basics of cyber insurance and other considerations.
What is cyber insurance?
Cyber insurance, also known as “cyber risk insurance” or “cyber liability insurance,” is a financial product that allows businesses to pass on the costs associated with recovering from a cybersecurity breach or similar event. In many cases, policies may also provide access to panels of top rape teachers and other service providers.
The history of cyber insurance
Not surprisingly, cyber insurance has recently entered the insurance world. No other traditional business insurance was created to cover the risks most commonly associated with cyber insurance.
As such, many insurance professionals believe that cyber insurance is still in its infancy and much work needs to be done to standardize coverage and enable insurers to meet the needs of modern business. In addition, education is also important for organizations to understand the threat of cyberattacks and the seriousness of these types of threats.
According to a recent report by Hiscox Insurance Company, 7 out of 10 companies do not have a quality cybersecurity strategy.
However, there is no doubt that the cyber insurance sector will continue to grow rapidly, expanding the offerings and making them more personalized. Like most other types of insurance products, cyber insurance policies are evolving towards more industry-specific solutions and becoming less commonplace.
Who Needs Cyber Insurance?
We strongly encourage all customers to consider the value of cyber insurance, especially when processing or using digital information.
One of the first issues many new cyber insurance buyers deal with is the company’s regulatory or contractual liability with respect to their customers’ personal information. If you store customer information such as names, addresses, credit card information, social security numbers, etc., on any type of online or offline computer system, you are legally obligated to keep that information safe, which costs you more. have to pay. for non-payment.
Many people are surprised to learn the true costs associated with data breaches. According to his Ponemon report in 2017, cyberattacks cost small businesses an average of $2.235 million. Additionally, the survey showed that 60% of his surveyed companies said attacks were getting more serious and sophisticated each year.
Even if your company’s revenue stream has touchpoints with European consumers and businesses, the newly introduced General Data Protection Regulation (GDPR) may apply. Many US-based companies have already taken steps to comply with the GDPR, but that doesn’t mean insurers have followed suit.
What does cyber insurance cover?
Cyber insurance is as dynamic as the companies it protects, so it is far from standardized. However, issues that cyber liability insurance typically covers include:
- data loss, recovery, recovery
- Business interruption/loss of revenue due to breach
- Loss of transferred funds
- computer scam
- cyber blackmail
Important note: 〇 Insurance against errors and omissions Even if the E&O policy includes a technical error pilot, this is not cyber insurance and is not a substitute for proper cyber insurance.
If a hacker leaks or steals personal information such as social security numbers, driver’s license numbers (in some states), addresses, or bank account information, cyber liability insurance will pay for:
Notification fee: This cost is significant as the company bears the burden of identifying potential victims who require internal investigations and providing notice that is reasonably charged to provide actual notice.
Credit tracking: In fact, cyber insurance pays the victim’s premium. Regulators often dictate the type of credit surveillance they must provide, and they certainly won’t compromise on the cheapest protection available.
Civil damages: Most of these liability lawsuits, even for very small companies, are class actions seeking at least hundreds of thousands of dollars in damages.
Computer forensics: This covers the cost of hiring a computer forensic investigator working under the direction of an attorney to determine if a data breach has occurred, to contain and prevent further damage, and to investigate the cause and extent of the breach. I’m here.
Cyber insurers also have an obligation to protect policyholders from related administrative actions and liability claims. Additionally, most policies also provide features that help policyholders develop robust and cost-effective security and data encryption protocols. To further minimize liability risks, consider bringing your own device (BYOD) practices.
Real-life examples of cyber insurance policies in the spotlight
- A Republican data firm that disclosed the personal information of millions of Americans faced its first class action lawsuit, claiming «actual damages» exceeded $5 million.
- Ride-sharing company Uber has been fined in all 50 states for covering up a 2016 data breach that affected an estimated 57 million people.
look: Uber settles biggest lawsuit after covering up massive attack on user data
- The lawsuit filed against Facebook alleges that the company committed unlawful business practices, deception by concealment, negligence, and infringement of California customers as a result of a large-scale attack that exploited security flaws to steal user account credentials. He alleges that he has committed a criminal offense against the Records Act. Facebook. 50 million users.
look: Facebook faces class action lawsuit over security breach that affected 50 million users
- Yahoo is facing lawsuits from people who fear their accounts have been hacked, alleging the company «acted with gross negligence» and endangered financial and personal information. The complaint also claims that Yahoo It claims that the personal information of at least 500 million users was exposed due to the company’s failure to properly disclose the breach.
look: Yahoo faces massive lawsuit over data breach
- Three years after Neiman Marcus revealed that a 2013 hack exposed the credit card information of more than 350,000 customers, the retailer settled a subsequent class action lawsuit for $1.6 million.
look: Neiman Marcus agrees to pay $1.6 million to settle a 2013 data breach class action lawsuit.
- Target Corp agreed to pay $39.4 million to settle claims from banks and credit unions that it suffered losses due to a retailer data breach in late 2013. Fraudulent charges or issuance of new credit or debit cards.
look: Goal of $39.4 million settlement with bank over data breach
Cyber insurance premium
Better to get this type of insurance than the cost. The company’s expertise and ability to prevent incidents and coverage in determining premium costs and revenues and the number of unique PII or PHI records stored in the company’s systems or requiring management limits are the two most important factors. For more information, check out our comprehensive guide to the cost of cyber insurance.
The good news for those looking for cyber protection is that the insurance market in 2019 is a buyer’s market. Dozens of insurance companies are vying for your business.
Of course, there are also things an organization can do to reduce the risk of an attack or compromise. B. Ensuring that employees are regularly trained and briefed on what to do to ensure their safety and to alert them to possible attacks do.