Many small businesses don’t think it will happen to them, but cybercrime can happen to anyone.
There have been many recent incidents among large companies – such as Michaels and Staples – which have experienced serious security breaches. However, small businesses are just as likely to be hacked as larger ones, and as a business owner you don’t want to be one of them.
Regardless of business size, type, location, and even whether or not your business has a large online presence, commercial cyber liability insurance has become essential. Every company must protect their customers’ personal information, which is given to them in trust. But if that trust is violated in a cyberattack, your company will need protection, too.
While an up-to-date professional security system is your most important safeguard, insurance runs a very close second. Here are some things to consider when looking for cyber liability insurance:
Are you vulnerable? In assessing your risks, you should look at the following:
- Does the company keep private information about clients, employees, or vendors?
- What are the current rules and regulations regarding cybersecurity?
- How big is the brand, and what is your industry?
- What technology does the business use (e.g. mobile devices)?
- Does the company outsource to third parties?
- Ideally, you should hire a specialist to evaluate possible risks and find weaknesses in your company’s security.
Costs and Benefits: What is the cost/benefit of investing in cybercrime prevention? While cyber liability insurance may seem expensive in comparison to other commercial policies – averaging approximately $1500 annually – it’s nothing compared to the millions of dollars that a breach could cost your company, not to mention the loss of trust. Together they could sink your company.
Coverage: Consider your company’s potential risk to determine how much coverage you’ll need, then see how far your financial resources will go towards covering your losses, including
- remediation costs such as client notification services and additional marketing and public relations costs
- regulatory fines
- legal costs
- revenue loss
- lawsuit expenses
Once you’ve calculated the risk and the cost/benefits, consider the appropriate level of coverage. The rule of thumb is to buy as much as you can afford; however, if you want lower premiums, you may want to consider purchasing coverage for the difference between the financial resources on hand and the estimated costs of a breach.
Exclusions and options: Although cyber liability insurance provides coverage for singular data breaches, there are limitations, depending on the insurer, the business type, and the risks. Policies may also contain sections indicating how companies should handle breaches and what a policy will specifically pay for. Other factors can include
- coverage for third-party or contractor breaches
- breaches occurring offline, aka “paper breaches”
- what types of marketing/PR companies can be used for remediation services.