Understanding Data Breach and Cyber Liability Insurance

A Cyber Liability Guide for Your Business

When the topic of data breaches arises, most people immediately think of it happening to large technology firms, big credit bureaus, or well-known retailers. However, it’s a fallacy that only large tech companies or big businesses experience this kind of event.

According to the Department of Homeland Security, cybercriminals target small businesses the most. This is because many small enterprises lack efficient tools for risk control. Data breach statistics show the global average data breach cost is $3.86 million.

If you have ever considered protecting your business from cyberattacks, you have heard of “Data Breach Insurance” and “Cyber Liability Insurance.” Since these terms are often used interchangeably, many tend to confuse the two.

“Is there a difference between the two?”

Yes. Simply put, cyber liability insurance covers financial losses from a breach and also provides legal protection. Data breach insurance usually only protects your own financial interest.

Let’s take a deeper look at each type of coverage to understand the differences between the two. 

What Is Data Breach Insurance?

For losses resulting from a data breach, hack, or theft of corporate records, data breach insurance only provides first-party coverage. The policies typically pay for the costs of notifying parties affected by a breach to lessen the harm. This involves giving affected parties access to resources, including helplines and credit monitoring.

California has strict laws regarding data breaches. In 2003, the Notice of Security Breach Act was adopted in California. According to this law, any business that maintains Californians’ personal data, and has a data breach, is required to report the incident in full.

If your business suffers a breach, data breach coverage may assist in covering:

• Informing clients, patients, or staff who may be affected
• Engaging a public relations company
• Giving victims of the data breach access to credit monitoring services
• Extortion coverage which assists in reimbursing your expenses if someone steals your company’s data and demands a ransom

What Is Cyber Liability Insurance?

Cyber liability insurance offers financial protection against losses brought on by cyberattacks or other tech-related dangers. Cybercriminals can leak, delete, or keep data hostage during a cyberattack. Your ability to react to the assault and minimize the impact of the loss will be aided by cyber liability insurance.

Businesses that have experienced a cyberattack can benefit from the help of cyber liability insurance. Typically, it is a separate policy with first-party and third-party coverages. Cyber liability typically covers: 

• Investigative fees
• Regulatory fines from state and federal agencies
• Lost revenue
• Lawsuits related to customer or employee privacy and security
• Notification expenses
• Legal fees

Both cyber liability and data breach insurance have coverage exclusions which include:

• Professional liability
• General liability
• Property
• Employment practices liability

Is Your Business at Risk?

If your business handles any of the following, you need cyber liability insurance:

• Employee or customer personal information
• W-9 forms
• Personal health information
• Copies of checks or credit card receipts

You are exposed if you have access to any of the aforementioned data. The exposure comes from more than simply hackers breaking into computer systems. Laptops, smartphones, and portable memory devices that are misplaced, abandoned, or stolen are a common source of breaches, as are actions taken by irate employees and procedural mistakes. 

How To Assess Your Cyber Risk

Determine Your Cyber Risk

It is critical to understand two major channels that criminals frequently use: email and employee errors. Ninety-four percent of malware is sent by email, according to reports, and at least 37% of breaches can be attributed to human mistakes.

A good cyber insurance partner will have the procedures and resources necessary to assess your present vulnerabilities, provide frequent reports, and provide detailed recommendations for reducing your risk.

Review Your Current Insurance Program

Understand that your general liability insurance will not cover your cyber risk. It’s important to have a complete review of your commercial insurance program to allow you to design the right coverage for your business. 

Consult with a Cyber Security Processional 

Get educated regarding your possible cyber risks and establishing internal controls.

Risks can include phishing attacks, data breaches, malware attaches, and much more. A cyber security firm can help you establish internal controls to limit these risks. These are examples of risk controls that your business might consider: 

• Do not use the same password for your accounts; important accounts such as online banking, financial services, or online purchases with your credit should have different passwords.
• Install security software that is designed for your specific business.
• Only connect to the Internet over secure, password-protected networks.
• Do not collect information that you do not need.
• Reduce the number of places where you store information.
• Do not store essential information on laptops.
• Password protect your important documents.
• Review bank and credit card statements monthly.
• Have the company’s database on a different web server than the application server. 
• Never email information on an unsecured Wi-Fi network.

Get Up-to-Date Coverage Information

Make sure your agent provides up-to-date information regarding additional services your cyber insurer provides.

Learn the specifics of what to anticipate if you encounter a cyber event as you explore your alternatives for cyber liability insurance. How much of an impact will the incident have on your cybersecurity insurance provider? What happens during the claims process? What kind of assistance will you get? How long after the event will you still be able to contact your provider?

Final Thoughts

The digital world is complicated and continuously changing. It is critical to proactively safeguard your company from these unanticipated hazards. Understanding insurance issues may be challenging. Take the initiative to lower the likelihood that a cyber incident will occur. The experts at LCK Insurance can make sure you are adequately icovered. Contact us today. 

Free Guide: Workers’ Comp Best Practices