Cyber insurance is one of the most valuable policies you’ll own for your business because cloud-based data and IoT (Internet of Things) are both difficult for security teams, and software, to defend. The more “connected” a business becomes, the more opportunity for it to experience cyber threats and data breaches.
First Steps to Safety
It's important that you take all the precautions available to you, such as using strong passwords, hosting your data on reputable sites, and confirming antimalware is on the cloud storage you use as well as any local drives. Your business insurance agent is going to need all this information prior to quoting your policy.
Cyber insurance does not protect you from attacks, it helps you recover from them. And although it's obvious that some businesses need cyber insurance, such as e-commerce or IT professionals, the truth is, all businesses need cyber insurance.
Size Doesn’t Matter
Cyber attacks are not exclusive to big businesses. Although that’s what makes headlines, according to Ponemon Institute’s research (2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB)), “52 percent of respondents say their companies experienced a ransomware attack and 53 percent of these respondents say they had more than two ransomware incidents in the past 12 months.”
Small businesses may actually be at greater risk because they may not have the budget for IT professionals to guide them and keep an eye on their security. As a result, a small business' technology and data infrastructure can be compromised. The result can be very costly.
The cost of retrieving data from a hacker using malware that demands a ransom can range widely from business to business. Additionally, there are multiple ransomware threats trying to reach your data daily! According to Cisco researchers, in 2017, an estimated 312 ransom payments were made as a result of the WannaCry malware alone.
Data Ownership – Privacy and Piracy
Ponemon Institute's report also stated, “In the past 12 months, 54 percent of respondents report they had a breach involving sensitive information about customers, target customers or employees, an increase from 50 percent in last year’s study.”
Whether you are subject to HIPAA laws, or indirectly subject to them via a Business Associate Agreement, you are required to notify individuals of any security breaches of data that includes “personally identifiable information.” This can be very costly and complicated. Your cyber insurance can help you to do this and manage any data breaches correctly.
In addition to having to communicate that you've been hacked to potentially a substantial amount of people, a business' reputation can also be damaged when employees create offensive online posts.
Cyber insurance policies can cover content liability and businesses should also have online content policies in their employee manual. Online, every employee is a representative of the organization they work for and they need to understand what is considered acceptable communication.
Your Business Insurance Agent Will Get You Covered
One of the most important things in the business cyber insurance policy is having your carrier help to protect and defend you. Cyber insurance is not black and white. New and previously unforeseen threats arise frequently, and the insurance industry needs to keep up.
Your agent has access to multiple carriers all with various insurance agreements and broadening endorsements. Be prepared to answer questions about the steps your business is taking to stay safe, as your preventative actions with help lower your risk potential. This is always a good thing for any business!