Cyber Insurance: The Facts You Need to Know
Cyber attacks are some of the biggest threats you’ll face as a modern company. In fact, the YE CEO Imperative Study of 2019 listed cybersecurity as the No.1 threat to the world economy in the next decade. And rightly so.
Cybercrime is costing Australian companies and organisations more than $1 billion per year, with small businesses accounting for 43% of all cybercrime targets. Whether you’re a startup or a successful business, nobody is spared from this threat.
What Is Cybercrime?
Everyone who uses a computer or any other device with access to the internet can become a victim of cybercrime. However, because the objective of most online criminal attacks is financial in nature, companies and organisations are the most common targets. Most cybercriminals seek to steal credit card or bank account information, to hold data for ransom or simply to cause financial damage to a company. But there are also attacks that can have other motifs, like for instance, exploiting the private information of companies and their clients and making it public. Like for instance, the Ashley Madison attack in 2015.
How Much Cyber Insurance Do I Need?
How much cyber coverage you need depends directly on your line of business and the online tools and services you use to conduct business. For instance, if you rely greatly on technology and use computers, servers or clouds to store and manage crucial company data as well as customer information and financial or transactional details, you will want to invest in the most comprehensive cyber insurance policy you can get. And most modern businesses are like that.
When signing up for cyber insurance you can choose between four levels of coverage. Going for an insurance policy that targets all four levels will offer optimal financial protection. The first level of protection is coverage that can mitigate first-party losses. This is the most basic type of cybercrime cover that deals with the direct financial loss your business will face. The first level of coverage is a package designed to take care of the financial costs of the following:
- Data and system restoration – Hiring cyber experts to identify and remove the threat and recover data.
- Breach costs – The costs of your company’s data being exploited.
- Business interruption – The losses your business will face if unable to work as a result of a cyber-attack.
- Cyber extortion – The costs involved in ransom demands, hiring cybercrime experts and preventing future threats.
The second level of coverage deals with claims from third-party losses, or in other words, the losses your customers and clients face as a direct result of your business being the target of a cyber attack. This coverage refers to:
- Privacy protection claims – The costs of failing to keep a third party’s data secure.
- Regulatory breach liability – Legal expenses arising from the investigation of a government regulator.
- Electronic media liability – Third party claims as a result of content in email or website.
You can also opt for an insurance policy with a third level of protection that will help to sort out extra expenses involved in dealing with the cyber attack. This usually refers to the cost of crisis management and the cost of notifying clients of a possible security breach and monitoring their credit card details as prevention of further attacks.
Some businesses also go the extra mile and include a social engineering, phishing and cyber fraud cover as part of their insurance policy. This type of cover deals with the costs resulting from cybercriminals manipulating your employees or clients into divulging confidential information that may be used for fraudulent purposes.
What Does Cyber Insurance Not Cover?
Of course, even the most comprehensive cybercrime policy won’t be able to cover all the potential losses and damages in the aftermath of a cyber attack. Like all insurance policies, there will be some exclusions which is important to understand. Most cyber protection insurance policies do not cover the potential loss of profits in the future, the loss of value due to theft of your intellectual property and betterment – the costs involved in repairing internal technology systems and upgrading your standard and security software.
Do I Need Less Coverage If I Have Cyber Security Solutions In Place?
Many companies believe that investing in their security systems can replace cyber protection insurance. However, these systems are not 100% error-proof. They can fail, the humans tasked with operating them can make mistakes, and hackers are becoming better and better in finding vulnerabilities even in some of the tightest security systems, like for instance that of Microsoft.
With that being said, a company shouldn’t overlook the benefit of signing up for a cybercrime insurance policy. The combination of your security solutions and the policy will offer a double layer of protection against cyber attacks.