In today’s world, businesses large and small must have a strong system in place to protect their data from the threat of hackers and cybercriminals. Cyber hacks of large companies may dominate the headlines, but cyber criminals are also targeting small businesses which are often more vulnerable and less able to sustain the resulting financial and reputational damage. In fact, nearly one-third of cyber attacks in 2013 occurred in companies with fewer than 250 employees.
Increasingly, companies are looking to protect themselves from the liabilities stemming from hacking and data breaches by purchasing cyber insurance. From 2012 to 2013, companies buying policies increased 21 percent. Not surprisingly, cyber insurance is the fastest growing area of the insurance market.
Should you consider getting a cyber insurance policy for your business? Many security experts believe it’s no longer a question of if, but when a business will be hacked. Many cyber crimes focus on a company's client database to obtain access to such records as credit card receipts, bank accounts, contractual agreements, medical records and other business and personal records. As a business owner, securing this sensitive data is a must, especially if you do some or most of your business online.
A cyber insurance policy, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is designed to help a business mitigate risk exposure by offsetting costs involved with recovery after a cyber-related security breach or similar event. Plans and coverage for businesses range in size and price, from the basic to the more complex.
Cyber insurance has not been around as long as more traditional insurance policies, so the terms can vary widely from one issuer to another. Although there is no universal standard for underwriting these policies, an average cyber insurance plan would likely cover loss of business income as a result of an attack, legal fees related to a breach, and costs related to fixing an exploited vulnerability.
An insurance plan also might cover the cost of a consumer data breach by paying for notifications to customers and other affected parties (which are mandated by law in many jurisdictions), and credit monitoring for customers whose information may have been breached. Another option to consider is third-party cyber liability coverage for legal defense costs, judgments and settlements you might incur if a customer brings a claim against you for a data breach.
Many major insurance companies offer some form of cyber liability insurance and can tailor policies to meet your needs. As with any insurance policy, it is always a good idea to shop around to ensure the best pricing and fit for the risks your company faces. Carefully analyze the coverage provisions of a potential cyber insurance policy and be clear about the exclusions as well.
Most business owners don’t think about the issue of cyber security until they experience suspicious activity. By then it may be too late to prevent theft or other damage. The best defense against cyber crime truly is a good offense. Talk to your insurance agent, review your existing policies and calculate your level of risk.
It is also important to consider the complex liabilities associated with cyber crime from a legal perspective before deciding what type of insurance coverage you need. To discuss the specific risks to your business and how best to protect yourself, your employees and your customers, contact me at 973-509-8500 x213 or email LFarber@LFarberLaw.com.
The contents of this writing are intended for general information purposes only and should not be construed as legal advice or opinion in any specific facts or circumstances.