As you’re deciding what type of insurance policy you need for your business, you may feel that you can do without cyber insurance. The truth of the matter is that no matter what industry you’re in, chances are good that you use a computer and sensitive personal information in some way, meaning that you’re vulnerable to a cyber attack or hack. Here at Bunker, we want to help you know beyond a shadow of the doubt whether you need to include cyber coverage with your current business insurance policy.
Understanding Cyber Protection
Before diving into whether you need cyber coverage, you need to know what it is. Cybercriminals target businesses of all types, including independent contractors and freelancers, and should you fall victim to an attack, having a policy makes it faster and easier to get back on your feet.
Specifically, you’ll need to cover any lawsuits customers or clients may raise for the loss of their private data, launch an investigation to get to the bottom of how deep the breach went, cover incurred business losses while you get back on your feet and monitor the credit reports and scores of all customers affected by the breach. Does all that sound like something you’d be able to financially cover on your own? Now you understand how essential cyber protection is.
The Price and Scope of Data Breaches
Even if you have a small business, you can become the victim of a data breach. What’s worse is the fact that the average financial impact of a data breach in the United States is $6 million, and more than 50 percent of small companies and startups are unable to withstand such financial pressure.
Cybercriminals also use ransomware, which locks up your data and prevents you from accessing it until you pay a ransom within a specific time limit. Unfortunately, even if you pay the ransom on time, there’s no guarantee that access to your data will be restored.
Another type of cyberattack is social engineering, a form of coercion with the goal of making targets give up passwords, computer access, bank account information or control of their computer. Such attacks can look like a friend emailing you asking for money because she or he is stuck in a foreign country, a message from a company that you may do business with asking for password verification or account information, or a response to a question that you didn’t ask.
If you do business at a coffee shop, library or any other place where there’s a public internet connection, it’s possible for passwords and other sensitive information to be stolen from your computer from hackers sharing the same connection. That’s one conversation that you don’t want to have with your clients and a scenario that could ruin your professional reputation.
Common Questions Regarding Cyber Protection
You may wonder if your current business liability policy handles cyberattacks. Unfortunately, just like a standard home insurance policy doesn’t cover flood damage, a standard commercial liability policy doesn’t encompass cyber liability, mainly because the speed at which digital communications procedures and policies shift makes it hard for insurers to keep up.
What if you work with a third party to handle all your customer data — you aren’t responsible in the event that there’s a data breach, are you? You are, because it’s you asking for the information, not the third party. While the third party will likely do its best to keep the data safe, you’re still considered the responsible party.
You could also be curious to know if you can skip out on cyber insurance if you have a knowledgeable, experienced IT department or work with cybersecurity consultants. While your IT department and security consultant can definitely help you mitigate your overall risk, there are simply no guarantees. As touched on above regarding the rapid changes happening in digital communications, there are new threats popping up all the time. Unless your IT specialists are solely focused on risk assessment, there’s a good chance that something will slip past their notice and potentially onto your computer.
Insurance As a Supplement Rather Than a Replacement
Just as you don’t stop wearing your seatbelt or putting your phone down while behind the wheel just because you have auto insurance, you also shouldn’t become lax in your computer security efforts when you get cyber protection. Keep in touch with reputable cybersecurity consulting companies and online sources to learn what measures to take to better ensure your data and information are well-protected.
It’s best that your business accounts are kept separate from your personal accounts. That way, if one account is hacked, the information in the other is safe. You should also regularly change your passwords on all your business (and personal) accounts and use two-step verification. If you have employees, be sure that they’re aware of the latest cybersecurity threats and know what to do to protect company data.
On a related note, both you and your employees should know what to do in the event that there is a security breach. Time is of the utmost essence in these situations, and quick action can keep things from spiraling out of control more than necessary.