When was the last time you heard news about a major corporation suffering from a data breach? Last week? Today? Big companies receive big media attention, but did you know that 71% of cyber attacks are on small businesses? In fact, according to Industry and Business, 95% of credit card breaches reported by Visa Inc. are from small businesses customers. It is no longer a matter of if; it is a matter of when your business will be attacked. How would your business recuperate from a data breach costing an average of $36,000, or possibly even upwards of $50,000?
Customer Information
You may wonder why hackers would even be interested in any of the information you keep on file. They are looking for customer’s names, addresses, phone numbers, and financial information (credit card and bank account numbers). Once they compile enough data from enough people, they bundle it together and sell it in bulk to others who operate on the “dark web” (encrypted websites that require special software or authorization to access). The buyers on the dark web use that personal information to open accounts, obtain loans, and commit other nefarious acts that wreak havoc on your clients’ financial identity. Big corporations keep more data on file than smaller companies; but, in theory, they also have more safeguards in place to protect that data. Hackers don’t care where the information comes from; they are simply interested in obtaining personal information on consumers so they can sell it for a profit.
Traditional commercial general liability and property insurance exclude cyber risks from coverage; however, coverage can be bought back by endorsement, or by purchasing a stand-alone policy. Because this is a relatively new topic for insurance companies, The Department of Homeland Security is currently working to increase awareness about current cyber risks and risk trends. They are also looking into creating a cyber incident repository that would identify cyber security best practices and reward businesses for implementing them. As more information is collected in these repositories, analytics products can be designed and better product pricing can be implemented.
Cyber Liability Insurance
Cyber liability is typically offered in two parts: first party (the insured) and third party (clients and vendors). For the most comprehensive plan, business owners should look for a policy that provides coverage for both parties.
First Party Coverage
- Provides coverage and services that allow the insured to respond to and remedy a breach of information
- Business data recovery or reproduction
- Notifying clients that their data has been compromised
- Lost business income due to computer system interruption
- Extortion payments
- Money or securities stolen from the insured’s account
Third Party Coverage
- Provides defense coverage due to a security breach of an employee (e.g. using unsecured networks, not using an encrypted laptop, or transmittal of a virus to a third party)
- Provides credit monitoring for affected clients
- Assists with identity recovery expenses
- Covers the disclosure of private information that affects other parties
What Else Can You Do?
Cyber liability insurance is still in its early stages, so little historical data is available to determine appropriate premiums for risks. Since cyber liability insurance is not use-based (like auto insurance), policies are customized to fit each insured’s specific needs based on their exposure. The Department of Homeland Security urges businesses to adopt preventative cyber security measures and is encouraging insurance companies to price coverage based on the insured’s level of self-protection. Examples of security measures that may reduce your premium include:
- Install anti-virus software and regularly test and update it
- Install a computer firewall
- Perform periodic security tests
- Control user access to critical or sensitive systems
- Monitor compliance with the terms of use and privacy policy used by your company
- Have your bank accounts reconciled by someone not authorized to deposit or withdraw
- Require a countersignature of checks
- Subject securities to joint control by two or more responsible employees
- Structure approval for major transactions by high authority
Insure With the People You Trust
Small Business Trends reports that upwards of 65% of small businesses are “without cyber insurance, even though many of them cite data breaches as their number one concern.” Your small business needs the protection of cyber liability insurance. Ideally, you want a policy that offers both first and third party coverages, and that will respond to a claim with legal defense, public relations/notifying clientele, and quick cyber incident response. Luckily, the agents at Kasmann Insurance Agency can help! We have several companies that offer cyber liability protection and commercial experts on hand that can help you assess your risk and determine an appropriate level of coverage. Don’t risk your company’s future any longer – call us today!