Summary: For businesses wondering "when do you need cyber insurance?" the answer is now. Cyber attacks continue to grow, with the average attack costing a company as much as $200K. Commercial cyber insurance or data breach insurance supports the business's efforts to recover in the event of a cyberattack.
All Businesses Need Cyber Liability Insurance
Small businesses are often very cost-conscious, investing into their company, their employees and their products. While they focus on growing their business and generating revenue, they can overlook a critical component to long-term success – cyber security.
What Is Cyber Insurance and Why Do You Need It?
Attacks are common. According to a recent report
, 43% of cyber attacks are aimed at small businesses and only 14% are prepared to protect their business if there is an issue. Security Magazine
reported "more than two-thirds (67%) of companies with fewer than 1,000 employees have experienced a cyber attack, and 58% experienced a breach." Many of these businesses
never reopened after they were hit by a cyber attack.
Cyberattacks cost a company an average of $200,000
. Personally identifiable information (PII)
was the most reported data breach, with credit and payment card information being one of the most frequently stolen pieces of data. Maintaining cyber liability insurance will help keep companies operational after an attack.
Cyber liability insurance coverage is important for any size business to have. At a minimum, cyber liability insurance helps companies comply with state regulations that require a business to notify customers of a data breach
involving personally identifiable information. Policies can also cover:
- Indemnification for legal fees and expenses
- Customer notifications in the event of a breach
- Option to monitor the information of anyone impacted for a specified period
- Costs incurred in the recovery of compromised data
- Costs for repair of damaged computer systems
Why Do Cyber Criminals Target Small Businesses?
Small businesses are often easy targets for cyber criminals because they typically have less security in place than larger companies.
A cyber liability insurance policy augments and supports the business's efforts to recover in the event of a cyber attack. It will provide access to expert resources and financial support through investigation, notification, recovery and post-recovery activities related to a data breach event.
What is a Cybersecurity Breach?
When customer data is compromised, it's usually not arbitrary or otherwise public information being targeted. Credit card data, names, phone numbers, addresses, driver's license numbers, health records, and even social security numbers can quickly find themselves in the wrong hands with a few strokes of the keyboard. Attacks can vary from malicious assaults on your physical servers to phishing scams that solicit sensitive data from individual users. Cybercriminals may also use ransomware to block access to your entire network until a sum of money is paid.
What Happens After a Cybersecurity Breach?
There are many steps to take after a cyber attack. Following the attack, your business can be impacted in the following ways:
Probably the most critical potential consequence of a data breach is damage to the company’s reputation. While major retailers like Target and Home Depot may be able to bounce back from that type of hit, small businesses can have a harder time winning back customer trust.
Customer Financial Data
If financial information is compromised during a breach, your business could be hit by heavy fines from credit and debit card companies. This is particularly true if the company was not fully compliant with requirements from the PCI Security Standards Council, a global forum for implementation of account data protection measures.
If you don’t have a detailed data breach response plan, your client could be focusing on the breach instead of serving your customers. In the end, their business suffers.
If your client's business computer system is hacked and cybercriminals make a false wire transfer using their online banking credentials, the bank is not responsible for lost funds, as long as they followed the proper security protocol on their end.
How Do You Prevent Data Breaches? How Can You Prepare for a Cyber Attack?
- Know the warning signs of a data breach
- Have a breach response plan of the procedures to follow if there is a cyber attack
- Have a breach response team, which is a cross-functional team who coordinates the data breach response efforts across the company
- Establish data encryption to keep sensitive company and client data protected
- Train employees on hacking trends / prevention
- Get cyber liability insurance coverage
- Companies should also have an updated cybersecurity policy outlining specific expectations of their employees when using technology and databases
- Employees should understand the difference between cyber security vs. data privacy
- It’s also important to pay attention to unique risks your organization may face based on the industry you are in (for example, nonprofits) or based on the type of exposures you have (remote workers)
While there’s no way to guarantee your business won’t get breached, there are steps your clients can take to reduce the cost if a breach does occur. Clearly, the best way to mitigate the cost of a breach is to be prepared: secure the business, get a plan in place, and make sure everyone knows their role in preventing and responding to a breach.
Data Breach Insurance for Small Business
AmTrust appointed agents understand the needs of their commercial customers, and have access to coverage options and innovative solutions that help protect policyholders against financial loss, reputation issues and other damage stemming from cyber attacks.
Our focus on providing small and mid-sized businesses with affordable, effective cyber liability insurance lets our appointed agents tailor policies and coverage options to the individual needs of insureds. AmTrustCyber offerings helps ppolicyholders avoid the real costs of a cyber breach. Contact our team for more information.