Want to Avoid a Financial Nightmare? Take out Cyber Liability Insurance
Cyber Liability Insurance is designed to provide commercial businesses with protection against a variety of liability risks. In the ever-growing online world, data is now a major security concern. Businesses are exposed to risks from first and third parties, and have to worry about sensitive information, such as private and confidential customer information, being breached or stolen. It is the responsibility of businesses to ensure this information is secured. This is especially the case for those with a dependency on online transactions and content. Types of data under threat include:
- Personally identifiable information
- Government ID numbers
- Medical records
- Payment card data
- Email address databases
- What does It Cost a Business to Not Have Cyber Liability Insurance?
- Impact of Privacy Laws on Australian Businesses
- What Does Cyber Liability Insurance Cover?
- What Does Cyber Liability Insurance Cost?
- Key Steps to Reduce the Cost of Cyber Liability Insurance
- Make an Enquiry with a Broker and Save on Cyber Liability Insurance
The Target Case
The shift from offline to online has made many businesses heavily web dependent. This dependence has in turn created a new set of security risks that businesses have to deal with. Today, more and more businesses are experiencing data breaches of almost epidemic proportions. Couple this with growing media attention of cyber breaches and consumer awareness and you have a well informed populous looking for answers, seeking punitive damages from offending companies. In 2013, retail giant Target was the victim of the biggest retail hack in history when details of every credit card used at the company’s 1,797 U.S stores were stolen…a total of more than 40 million card details.
What does It Cost a Business to Not Have Cyber Liability Insurance?
Target’s case provides an example of just how devastating a cyber breach can be to a business:
- 90 lawsuits were filed against Target by both customers and banks for negligence
- $61 million was spent in February 2014 alone responding to breach
- Customer response operation setup with a promise that customers would not have to pay for any fraudulent charges that were the result of the breach
- Profit dropped 46% from the same quarter of the previous year
It’s not just the major companies like those recently hacked including Target, LinkedIn, eHarmony, Dropbox and Yahoo that should be concerned about cyber liability. Claims against smaller companies can be just as devastating. Reports published by US based privacy researcher, the Ponemon institute, estimated that the average claim against both private sector and non-profit companies totaled $5.4 million USD. A report from the US Secret Service and Verizon Communications found that over 72% of data breaches affected small to medium sized businesses. What many smaller businesses are failing to realise is that they are rarely covered for cyber liability under their traditional insurance policies. Most insurers exclude cyber liability from insurance policies and others will only provide cover in certain situations. Cases have shown that many CEOs only discover their lack of cover after a claim and the damage is done.
A report from Chubb security in 2012 showed that 20% of companies experienced a cyber security issue in the previous 12 months, yet 65% of the public companies surveyed had not purchased cyber cover. Many are pointing to a general lack of awareness from CEOs about the risks associated with cyber security and the belief that cover is too expensive as an explanation for such widespread underinsurance. When you consider the fact that the average cost of a breach to a small business exceeds $5 million dollars, a couple of extra hundred dollars in insurance premiums may not seem so bad.Back to top
Impact of Privacy Laws on Australian Businesses
The amended Privacy Laws have given greater power to the Privacy Commissioner to impose penalties upon organisations and individuals who are involved in data breach events. A company may be required to pay as much as $1.7 million dollars and individuals up to $340,000 for failure to comply.
What Does Cyber Liability Insurance Cover?
While policies will differ between providers, cyber liability insurance will usually provide cover for:
- Business interruption. Losses suffered by business following an attack.
- Electronic Theft. Transfer of funds or property due to fraudulent input of data into a computer system.
- Electronic Communication. Transfer of funds or property on the faith of fraudulent communication.
- Electronic Threat Loss. This includes cost of a negotiator or ransom payment.
- Electronic Vandalism Loss. This includes vandalism caused by an employee.
- Crisis expenses. Covers expenses incurred from public relations consultants following a loss.
- Reward Expenses. May include cost of paying an informant.
- Disclosure liability. Claims from third parties following system security failure that result in unauthorised access to sensitive information.
- Content liability. This may include claims that arise from breaches of intellectual property, breach of copyright and trademark infringement.
- Impaired access liability. Includes claims that may arise from systems failures that result in restriction of client access.
- Defense costs. Provides cover for costs that may be incurred defending claims.
What Does Cyber Liability Insurance Cost?
The cost of cyber liability insurance largely comes down to the company's risk exposure to a cyber security breach. The company will need to determine what risks they are exposed to and what they may be required to pay in the event of a claim. Essentially, how much a company will pay comes down to:
- The likelihood of a claim occurring:
- measures/insurance already in place
- nature of business
- number of employees
- The level of cover provided:
- range of cover
Key Steps to Reduce the Cost of Cyber Liability Insurance
Like buying any form of insurance, it is critical that business owners take the time to assess what they actually need to be covered for to avoid paying for expensive extras on their policy they don’t require. Some other key steps for reducing the cost of your cover include;
- Reinforce security practices. Take the time to ensure you have adequate protection software in place and strong password protection. Poor password protection has been the cause of massive data losses for many companies.
- Risk assessments. Implementation of an ongoing risk assessment schedule to uncover any hardware and software vulnerabilities.
- Secure network access. Use firewalls, anti-virus and anti-spam software and private networks to help prevent attacks.
- Risk management from insurance provider. Some insurers provide risk management services.
- Know what risks are unique to your business. Not all companies are going to have the same vulnerabilities when it comes to cyber liability. Knowing what risks you are exposed to will help you tailor your cover.
- Find out what other cover you already have in place. You may find that you are already covered for some losses under existing first and third party policies.
- Appropriate sub-limit. Each policy will have a maximum amount applied for what will be paid in the event of a breach. Make sure this is adequate for your business.
- Speak with a broker. An insurance broker can help you evaluate your cover requirements to help you find a suitable policy option at a competitive rate. Understanding the intricacies of different cyber cover and determining what you are already covered for is no simple process.
Make an Enquiry with a Broker and Save on Cyber Liability Insurance
Hopefully after reading this article you can see the importance of finding adequate cyber protection for your business. It’s natural to feel slightly overwhelmed at the prospect of assessing the risks your business faces and what type of policy you should be looking for. A business insurance broker can help you find a policy that meets your businesses cover requirements and does not leave you overprotected and paying too much for cover.