We all can appreciate the conveniences of technology in our lives. That convenience along with digital interconnectedness have given rise to a multitude of cyber risks that threaten organizations of all sizes and types. The cost of these annual cyber threats in the U.S. is staggering. According to IBM, the average cost of a single data breach in the U.S. is $9.44 million.
Now, more than ever, proactive cybersecurity preparedness — including sufficient cyber insurance coverage — is critical for businesses to protect their data, reputation, and customers.
Cyber insurance offers a layer of protection by providing financial coverage and support in the event of a cyber incident or data breach. However, navigating the world of cyber insurance can be complex and confusing. Here are answers to some of the common cyber insurance questions we get:
Cyber Insurance FAQs
What is cyber insurance?
Cyber insurance, also known as cyber liability insurance, protects an organization from the financial losses and liabilities of a cyberattack or data breach.
What does cyber insurance cover?
Cyber coverage terms vary by policy and insurance carrier. In general, however, it is designed to help cover the costs associated with recovering from a cyber incident and the harm caused to both the policyholder’s business and their customers. Examples include: general business interruption, data recovery and restoration, compliance fines, public-relations efforts, extortion and ransomware costs, settlement costs, and other legal fees.
I already have a general liability policy. Do I need additional coverage for cyber?
Cyber insurance is a specialized form of insurance, designed specifically for the unique risks affiliated with cyberattacks and data breaches. Typically, this kind of comprehensive coverage is not automatically included in general liability. Some general liability policies may offer cyber coverage, but it’s often very limited and won’t sufficiently cover the high costs associated with a cyber incident. Securing a standalone cyber policy or adding the proper endorsements to an existing policy is best.
I’m just a small business. Do I still need cyber insurance?
While larger, high-profile businesses are the ones who make the news after a breach, small businesses aren’t immune to attacks:
- Although 57% of small-business owners don’t think they’ll be targets of a cyberattack, small businesses account for 43% of all data breaches.
- Employees of small businesses (fewer than 100 employees) experience 350% more social-engineering attacks than those at larger companies.
- The average cost of a data breach for businesses with fewer than 500 employees is $2.98 million.
How can I safeguard my business against cyberattacks?
Although cyber insurance is essential, it shouldn’t be your first line of defense. Businesses need to be very intentional about putting strong cyber risk management protocols in place and lowering their total risk exposure, with the aim of preventing or stymying attack attempts.
A great first step is conducting a cyber risk assessment to identify potential threats and vulnerabilities to your organization’s systems and data. Once you have an idea of your most critical risks, you can begin the work of prioritizing and addressing those weak points through improved cybersecurity controls. For instance: establishing company-wide policies, conducting employee training, setting up firewalls, installing encryption software, and implementing intrusion detection systems.
Do cyber policies have exclusions or limitations I need to watch for?
Absolutely. As with all insurance policies, it’s important to carefully read the fine print to ensure you’re fully covered. The last thing a business wants is to hear an insurance claim is denied for something they thought was covered in their policy. Some policies, for example, may include exclusions for damage caused by a social-engineering attack or losses due to an outdated hardware failure that led to a data breach. Working with an experienced cyber insurance broker provides a guard against detrimental coverage gaps by ensuring none of these important details are overlooked.
How much does cyber insurance cost?
The cost of cyber insurance depends on several factors, including the size of the business, the type of coverage needed, and the level of risk. That said, cyber insurance costs have increased dramatically over the past few years — as much as 61%.
Are there things I can do to lower my cyber insurance costs?
Yes, there are ways to help lower your insurance costs. Insurers look favorably on companies that are proactive and prepared for cyber threats. Again, this is where working with a knowledgeable broker comes into play. An adept broker with strong carrier relationships can leverage your risk mitigation protocols and security controls to negotiate better terms and a better rate.
What is MFA?
With MFA, or multi-factor authorization, someone needs to supply more than one form of authentication to log into an account or system. This often takes the form of a password and a single-use pass code sent via text, email, phone, or a third-party authenticator app. Though not entirely foolproof, MFA thwarts cyberattacks by making it harder for a criminal to hack or social-engineer their way into a system. Because of how well it protects against cyberattacks, most insurers require businesses to enable MFA before they’ll even consider offering coverage.
Cyber Insurance Isn’t a Generalist’s Game
The cyber insurance market constantly evolves in response to new and emerging threats. Because policy language and terms are not standardized throughout the insurance industry, policies vary drastically carrier to carrier and makes it difficult to ensure proper coverage is provided. Partnering with a wholesaler like Jencap who can properly navigate every single policy form and understand the unique coverage needs of every risk makes all the difference.
Contact us to speak with one of our cyber experts and get a quote today.