Insurance coverage can be confusing. And there’s an assumption that when you buy one policy, it covers anything that falls under the business. Cybercrime is likely not covered by the policy that you have in place.
So, do you really need it? Yes. And here's why.
Why You Need Cyber Insurance
Let’s say that one of your employees is going through their email and they receive a link to update the word processing software they use. The email says it’s from Microsoft and so it must be ok, right? The employee needs to get a letter out today, so wanting to be efficient, they click on the link and hope they can continue with their work.
That email was a phishing email which distributed ransomware to your system. The employee doesn’t realize this and they kept on working. All the while, entering more passwords, giving more and more access to hackers. The malware is slowly spreading to each workstation at your office.
The next morning, you come in, everything is on lockdown and you’re being asked to pay a bitcoin ransom to access any files. What’s Bitcoin? You call our IT guy to have him come in to fix it, but he can’t come until tomorrow. He tells you his emergency crew can come on-site but it’s going to be three times the normal hourly rate.
The Costs Are Just Beginning to Accrue
You are likely going to pay more in one day than you would have for annual cybersecurity insurance coverage. Factor in the lost revenue from being unable to access your client records. You can’t ship, sell, or manage business that you can't see. Your customers need to run their own business, so they find another vendor. More lost revenue. This could go on for days. Those clients liked working with you, but they now have taken their business elsewhere and which works out fine for them, so they don’t return and when asked “Who do you do business with?” They tell this story and that adds to your damaged reputation.
One week later, you’re still not back online. The ransom amount was unobtainable and even if you could pay it, there’s no guarantee that it won’t happen again next week. You now have to clean up all the computer workstations that were infected, plus the time to input all of the lost data – if you can find it, and hopefully salvage all of the lost business. Should we mention the investigation, notification process to your clients about what happened and the required credit monitoring you need to offer to restore your business and reputation?
Does That Annual Cyber Insurance Premium Seem Unreasonable Now?
As a business owner, you’ve made sure to purchase comprehensive insurance coverage for your organization. Commercial insurance? Check. Health coverage for your employees? That too. Your coverage has always been robust enough to cover the occasional property theft or slip and fall, so it’s safe to assume it would cover cyber crime, right? Wrong. Your standard insurance program undeniably excludes cyber crime and ransomware attacks. But how common are cyber attacks, and who is at the greatest risk?
The likelihood of experiencing a data breach can be as high as 1 in 4 for some firms, and with many working remotely due to COVID-19 with weaker infrastructures and security measures, that number is expected to rise. Your business can still be affected by cyber attacks even when you are not the primary victim. For instance, if one of your vendors suffered a data breach resulting in the shutdown of its website or business operations. These attacks may be out of your control but can still negatively effect your bottom line.
With ransom payments, lost revenue, and your company’s reputation on the line, cyber insurance is essential to ensuring the profitability of your business. It’s not if you’ll be a victim of a cyber attack, but when. When it comes to protecting yourself from hackers and cyber criminals, the best defense is a good offense. Implementing a robust cyber insurance program with proper risk management controls and cybersecurity is the only way to ensure that your business will be protected financially, organizationally, and legally from cyber criminals. So what exactly does cyber insurance cover? Below are the 3 most important coverages that cyber insurance can provide for your business.
Following a cyber attack, your organization will have to investigate to determine the extent of the breach and what led to it. The right policy can reimburse the insured for costs related to forensics and seeking out expert advice. Additionally, some policies can provide 24/7 support from cyber specialists, which is especially useful following a hack or data breach.
Business Interruption Loss Reimbursement
A cyber attack can lead to an IT failure that disrupts business operations, costing your organization both time and money. Cyber liability policies may cover your loss of income during these interruptions. What's more, increased costs to your business operations in the aftermath of a cyber attack may also be covered.
Coverage Beyond a General Liability Policy
General liability polices don't always protect organizations from losses related to data breaches. What's more, data is generally worth far more than physical assets, and it's important to have the right protection in place when you need it most. Supplementing your insurance with cyber coverage can provide you with peace of mind, in event of an attack, your organization's financial and reputational well-being is protected.
What are some of the cyber attacks out there today?
While there are many different ways that an attacker can infiltrate an IT system, most cyber-attacks rely on pretty similar techniques.
Insurance companies are your business partner, and your trusted insurance agent can help determine what your exposures are and which carrier is best for you. See how E.B.Cohen can help, talk to us today.