Published by Thomas Musselwhite
We live in a vast, digital world, and for most of us, technology makes life easier. Innovations in technology have enhanced business processes and created efficiencies that many of us never could have imagined. Simultaneously, our complete dependency on technology has allowed cyber threats to become one of the most significant risks facing businesses in the United States.
Regardless of size, all businesses now use technology to communicate with others, connect and exchange data, and operate on a daily basis. As a result, all businesses now face cyber risks of some form. These risks are not unique to large corporations, financial institutions, healthcare providers or businesses that operate solely on the web.
According to a recent study from Coveware, the most commonly attacked businesses have between 11-100 employees and 75% of attacks are on companies with under $50M in revenue. With the average ransomware payment now over $200,000, the cyber exposures facing your business could cause severe harm to your bottom line.
Unfortunately, cyber risks are not typically covered by standard commercial insurance policies. Even if coverage is available, professional, property and general liability policies have significant gaps in coverage for cyber exposure and are usually issued with broad exclusions and lower limits that will not cover the total cost of a loss.
WHAT’S THE BEST WAY TO PROTECT YOUR BUSINESS?
Cyber Liability insurance is standalone coverage that protects your business from financial losses resulting from cyber-related risks. This can include losses from data breaches, cyber extortion, ransomware, and viruses. These risks are not only limited to threats from outside your organization but can also include coverage related to human errors, equipment loss, system glitches and even rogue employees.
In general, cyber liability insurance offers your business two types of coverage:
- First Party: Covers damages to your business.
- Incident Response: Costs to hire counsel to manage the breach response process, forensic investigators to determine how the incident happened and PR costs to manage your company’s reputation.
- Cyber Extortion: Can cover extortion payments and expenses paid in the event of a cyber-criminal threatening to harm and/or expose your data.
- Notification Costs: Costs of notifying customers, vendors and other parties affected by a data breach.
- Loss or Damage to Electronic Data: Costs to restore or replace electronic data.
- Business Income & Extra Expense: Covers loss of income and expenses resulting from the shutdown of your computer systems due to a cyber event.
- Third-Party: Covers damages to others.
- Network Security and Privacy Liability: Can cover claims alleging your business failed to properly protect sensitive data stored on your computer systems.
- Regulatory proceedings: Can cover the cost of fines and/or penalties imposed by regulatory agencies resulting from a data breach.
- Electronic Media Liability: Can cover lawsuits against your business for copyright infringement, libel, slander, and defamation resulting from publishing electronic data on the internet.
While cyber liability insurance can protect your business in the event of a loss, there are also preventative measures that all businesses can take to limit their cyber exposure. Below we outline some simple preventative measures to protect your business from cybercrime.
- Assess your risk: This starts with understanding what information you store that may be valuable to cybercriminals. This could be critical information like social security numbers and credit card information but can also include phone numbers and email addresses.
- Educate and train employees: It is important to understand how specific cybercrimes are committed, and what techniques are used to target organizations like yours. Train your employees on how to recognize these treats and what precautions to take.
- Continuously update and assess new technology: Conduct research to find the right tools and layers of protection for your business and be sure to keep your defenses up to date.
- Implement safe web practices: Educate employees on proper web usage, and ensure they only visit secure pages. Consider blocking known threats and specific webpages.
- Develop strong password policies: Create a policy to outline your organization’s password management requirements.
- Back up your data: Keep files backed to access critical data in the event of a cyber-attack.
- Find vulnerabilities: Use secure tools or outside vendors to review your network and digital processes to understand where your vulnerabilities lie.
- Develop a cyber incident response plan: Create clear steps for your company to follow in the event of a cyber attack.
No matter what risk management strategy is in place, impenetrable cybersecurity measures do not exist. Digital threats are constantly evolving and are impossible to prevent entirely. With cyber risks now being a significant threat to every business, Cyber Liability Insurance has become a critical requirement.
Consider how your business would recover if your data were stolen, destroyed, lost or held for ransom for even a few days. How would your bottom line be affected? Would your reputation be damaged? How would you notify your customers and vendors?
At Pritchard & Jerden we are dedicated to helping clients understand the risks facing their business. This includes traditional risks, but also emerging risks associated with the cyber threats we all face. Be sure to talk with one of our brokers to identify the cyber exposures you face, and make certain coverage is in place to keep your business protected.
Click below to determine your organization’s Cyber Risk Exposure.