Cyber insurance 101

Cybercrime is becoming more prevalent every year. Unfortunately, many businesses are underinsured for this risk.

Just over one-third of businesses have a cyber insurance policy, according to a survey conducted by the Insurance Information Institute (III). Yet 42% of respondents said they’re unprepared to handle a cybersecurity threat.

Here’s a rundown of what business owners should know about cyber insurance:

What is cyber insurance?

A cyber insurance policy – also called cyber risk insurance or cyber liability insurance coverage – protects your company against cyber incidents. Risks covered usually include:

  • Lost or corrupted data.
  • Business interruption.
  • Identity theft.
  • Cyber extortion.
  • Reputation recovery.
  • Notification expenses.

A standard business owners policy (BOP) may provide some coverage for certain cyber incidents, III explained. However, to protect yourself against the vast range of online risks that businesses face, a dedicated cyber insurance policy is best.

Who needs cyber insurance?

Most businesses need cyber insurance today. There are countless ways hackers can cause damage to your company.

Big-name companies getting hacked may make compelling headlines, but the truth is that small businesses are just as at risk of being targeted. Verizon’s 2019 Data Breach Investigations Report showed that 43% of breaches involve small business victims.

Small businesses may not have the assets of a large organization, but they do have sensitive information that hackers can leverage. Plus, smaller organizations are less likely to have robust security measures in place, making them easy targets.

What are the most common cyber insurance claims?

According to AIG, the most common types of cyber claims filed are:

1. Business email compromise: 23% of claims

What they are: Scams carried out by email. Common targets are people in finance or payroll departments, according to a security researcher writing for Entrepreneur.

How to avoid them: Educate employees about red flags, such as mismatched “reply-to” and “from” email addresses, or odd requests that don’t seem legitimate.

2. Ransomware: 18% of claims

What they are: Hackers encrypt a business’ sensitive data, making it impossible for owners to carry out operations. Criminals demand payment in exchange for restored access – though there’s no guarantee they’ll uphold their end of the deal.

How to avoid them: Backup your data; hackers won’t have leverage if you still have the information. Additionally, train employees on signs of fraudulent activities, such as clickbait or malicious emails from unknown senders.

3. Data breach by hackers: 14% of claims

What they are: Hackers may use a number of tactics, including taking advantage of network vulnerabilities, using social engineering and more.

How to avoid them: Educate employees on best practices for engaging online. That includes using strong passwords, avoiding suspicious-looking links and not sharing sensitive information over email.

4. Data breach by employee negligence: 14% of claims

What it is: Human error leads to a data breach, such as mistakenly sending data to the wrong person or misplacing a laptop or other device containing sensitive information.

How to avoid it: Again, education is key. Train employees on best practices and make them aware of how mistakes can lead to serious consequences.

How cyber insurance benefits your customers

Cyber insurance protects businesses from financial loss after an incident. But, the benefits directly impact customers, too.

If a data breach occurs, cyber insurance will help you notify customers of the incident – a legal requirement in several states. It can also cover credit monitoring services to customers impacted by a breach.

Additionally, customers can be confident that their personal and payment information is secure.

Learn more about what they cover and how your business can benefit from this type of policy by contacting an insurance agent at Bank Midwest.

Sources:

https://www.iii.org/article/cyber-liability-risks

https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf

https://www.aig.co.uk/content/dam/aig/emea/regional-assets/documents/aig-cyber-claims-2019.pdf

https://www.entrepreneur.com/article/346450

https://www.iii.org/sites/default/files/docs/pdf/small_business_cyber_wp_102319.pdf

‹ Return to the Blog