What is cyber insurance?
As technology has developed exponentially over the last decade, dealing with data breaches as a business has become as much of a certainty in life as taxes and death. The problem of data breaches has become widespread, with an estimated 81% of large businesses and over 60% of SMEs suffering cyber breaches based on statistics from a 2014 government survey. The cost of such a breach can be staggering for a business: on average, a data breach will cost about £4.1M for a company, but it can be much higher. For example, the high profile cyber attack on TalkTalk which saw the data theft of millions of customers setback the company over £60m in 2016.
With these startling statistics in mind, it is easy to see how a cyber attack can have disastrous concessions for a business. However, by investing in cyber insurance, you can help to reduce the potentially significant cost in the event of an attack.
How does cyber insurance cover work?
Cyber liability insurance cover (CLIC), also known as cyber risk insurance, is a policy intended to help support and protect businesses from malicious hackers or data breaches that can severely affect companies computers. The term is used to describe a number of different covers – it works in the same way as any other type of business insurance in that respect, and so this means that costs will vary.
What is included?
Cyber insurance products will cover different aspects of a business subject to a data breach based upon whether it is a first-party or third-party insurance policy.
Typically, a first-party insurance policy will cover the organization’s assets:
- The theft of digital asset or money caused by electronic theft or the theft of equipment
- The loss of digital software programmes
- Damage to digital assets such as data, by accident or otherwise
- Virus: spyware, malware
- Human error
- Electrical power surges/natural disasters
- Expenses to inform customers of a security or privacy breach – this can sometimes be a legal requirement to do so
- The loss of customers as a result of a data breach
- Loss of intellectual property due to reputational damage caused by a cyber attack
- Ransomware – ie cyber exhortation, where hackers threat to release data if money is not given in return, this means that you will be covered for the cost of meeting the ransomware information in order to retrieve the data
- Legal fees and potential court costs due to a cyber attack as well as any regulatory fines
Whilst third-insurance policies usually focus on providing cover for the assets of others (for example, the customers of the company) and may well include the following:
- Compensation to customers due to a data breach causing customers to be unable to access their accounts, loss of their data, or due to a failure of the company’s systems or software
- Media liability cover, providing damages as a result of an intellectual property rights infringements by hackers, or the defacement of a website as a result of a cyber attack
- Privacy or security breaches cover in order that a data breach can be managed thoroughly and securely, which may include carrying out an investigation.
It may be the case that these different cyber insurance policies interconnect or overlap with other business policies you have in place, such as third-party supply chain issues. However, it is still fully recommended as a business to have an individual policy catering to cyber liability to ensure that your company is completely covered should the worst happen.
What isn’t included?
Cyber insurance cover can help to protect and support businesses in a number of ways, as demonstrated above, in the event of a security breach or attack making the recovery process much easier to deal with. However whilst cyber liability insurance can help to alleviate losses as a result of an attack, it can’t mitigate everything. Whilst it can help to minimise and control risk it isn’t possible for this type of cover to eliminate risk altogether and it is also difficult to evaluate. Furthermore, any attack will still come at a significant cost to your company even if insurance lessens the impact.
What are the benefits of cyber insurance cover?
Cyber insurance cover offers a number of important benefits for your business, these may include:
If a data or security breach has occurred, one of the first things a company must do is call in a forensics investigator in order to determine the cause and extent of the breach, as well as what types of data have been taken, which can be costly, however if you have cyber insurance it is likely you will be covered for this computer forensics investigation. In the event of a cyber attack, having the ability to contact cyber breach specialists, available 24/7 is extremely helpful when you have experienced a breach.
Notifying the affects customers in a data breach can be particularly time-consuming when you are already dealing with the rest of the fallout due to a cyber attack. This is why cyber liability insurance can be extremely useful to have, as they will inform your customers, and a crucial aspect of a data breach is not only minimising the damage, but also the incident response to clients. Certain insurance companies will even set up a call centre on behalf of your company to deal with customer support.
How do I buy cyber insurance cover?
The aim of this article is to expand your knowledge on cyber liability insurance and to demonstrate the importance of taking out this type of policy cover for your business. You can find companies specialising in cyber insurance through TechRound.