When it comes to security, many business owners are still a bit old school. They have their security cameras and alarms in place and make sure the doors are locked tight each night. However, they still leave themselves exposed to an even bigger vulnerability—online and cyber theft.
If you’re asking yourself if cyber insurance is something you need, the answer is most likely an emphatic yes.
Maybe you aren’t completely out of the loop. You have a firewall and antivirus software on company gadgets. You make your passwords stronger than the average user. If you’re more tech-savvy than most, you may even have your employees and contractors undergo training on protecting company data. Still, when you consider that even massive corporations experience cybersecurity breaches, it’s clear that despite your best efforts... you’ll have vulnerabilities.
Though your business may be small, the stakes are high. Over half of all small businesses will experience a cybersecurity incident every year, resulting in an average of $1,835,000 in losses. For many entrepreneurs, this would likely end their business. For many entrepreneurs, this would be a death sentence for their business.
General Liability Insurance vs. Cyber Insurance
The first insurance policy you took out for your business was no doubt general liability. Given a basic understanding of the policy, it sounds like it should cover you after a cyber attack. After all, your data is your property. Right?
Take a closer look at the language of your general liability policy and you’ll likely find that the property covered is “tangible property”—that which can be physically touched. Digital property isn’t covered. Even if there is a provision for digital data, it’s rare for it to cover more than loss related to physical damage to computers or servers.
Another option you might have opted for is a cyber addendum tacked onto your primary policy. This is better than nothing, but it isn’t quite enough. These add-ons tend to have significant limitations and low coverage amounts that might not be enough for even a single cyber breach. While it’d be nice for your general liability policy to offer the coverage you need, that likely won’t be the case.
What Cyber Insurance Includes
Cyber insurance is different from most types of policies in that there is a lot of variance between companies offering it, and in most cases, you’re given multiple options for customization. There are two broad categories policies fit into, and your business likely needs both.
First-Party Response Policies: This type of policy covers the expenses related to notifying parties about a security breach and rebuilding your company’s reputation.
Third-Party Defense Policies: This type of policy covers legal expenses incurred as a result of a cyber-attack.
Within these broad categories, there are other features and coverage types that allow you to tailor your policy to your specific needs. These include:
Extortion: Coverage for payments to extortionists who hold data hostage or threaten to release sensitive data if not paid
Theft and Fraud: Coverage for data destruction, theft, and transfer of money related to a digital breach
Business Interruption: Coverage for income lost related to interruptions in your operations as they relate to cyber attacks
Forensic Investigation: Coverage for investigative, legal, and technical services that help to assess the damages caused by a data breach
Data Loss and Restoration: Coverage for the loss and recovery of data
While you can generally pick and choose what you have covered, most businesses will benefit from a comprehensive policy.
Signs You Need Cyber Insurance
If you have any data on a computer, tablet, cloud, USB stick, etc.—you need cyber insurance. Chances are good that if you’re reading this, at least one of those applies to you. We understand being hesitant to take out additional coverage; every penny matters for business owners. To help make your need for cyber insurance more concrete, here are other signs that indicate you should take out a policy.
You collect personal information from your customers, such as phone numbers, emails, and home addresses
You record credit card and debit card data at the point of sale
You store data related to purchases you make from suppliers, including their personal information or bank account numbers
Your website allows customers to create a profile requiring log-in information
You keep track of purchase histories
If any of these describe your business operations, then it’s time to call your insurance agent and take out a cyber insurance policy.
Pedro Ponce is a Commercial Insurance & Risk Advisor who has been representing his customers for over ten years. He holds a Certified Insurance Counselor designation and is currently working on becoming a Certified Risk Manager.
Need more Specific Advice?
Tell us about your exposures, and we'll write an article about how we would mitigate your risk.
Leap | Carpenter | Kemps Insurance Agency provides Commercial Business Insurance, Employee Benefits, Life and Health Insurance, and Personal Insurance to all of California, including Merced, Atwater, Los Banos, Mariposa, Madera, Fresno, Modesto, Turlock, and Stockton.
CA License Number 0646081 | Licensed to do business in California, Arizona, Hawaii, Idaho, Montana, Nevada, North Carolina, Oklahoma, Oregon, Virginia, West Virginia and Washington.