Cyber Insurance

Cyber liability insurance exists as a standalone insurance product but is frequently purchased together with a broader errors & omissions liability insurance solution.

As a technology company, we recognize the risks associated with data and technology in business today. Data breaches, network failures, cyber extortion, and other cyber risks are increasingly large exposures for technology and non-technology companies alike.

Today, virtually any business that uses technology or manages any digital information faces cyber risk. For many, cybersecurity is a challenging issue. The threat and potential impact of cyber attacks have grown exponentially. In fact, statistics show that 60 percent of hacked small and medium-sized businesses fold within six months of experiencing a cyber attack.

Larger organizations justifiably view cyber insurance as an essential piece of their risk management program. High profile businesses such as Chipotle, Trump Hotels, Wendy’s, and Arby’s have recently dealt with serious cyber attacks.

We wrote this guide to help you, the reader, understand both the basics of cyber insurance as well as some more advanced considerations. Our hope is that you walk away from this article a more empowered buyer, with a better understanding of the risk you can transfer to other parties via the cyber insurance product.

Our experts can work with you to secure a cyber solution that is tailored to your business. We combine data, personalized service, and expertise to help you identify your specific exposures. We then structure a cost-effective, customized solution, which includes the appropriate type and limits of Cyber Liability insurance. If you’d like help, we’d invite you to talk with a broker or get started by creating an Embroker account.

Finally, if you are involved with a venture-backed startup, you can get market leading Cyber Liability insurance in less than 60 seconds through the Embroker Startup Program – click here to get an instant quote.

What is Cyber Insurance?

A cyber insurance policy, also referred to as “cyber risk insurance” or “cyber liability insurance” coverage, is a financial product that enables businesses to transfer the costs involved with recovery from a cyber-related security breach or similar events. In many cases, the policy can also provide access to a panel of top-tier breach coaches and other service providers.

A Short History of Cyber Insurance

Unsurprisingly, cyber insurance emerged onto the insurance scene recently as a result of the fact that other traditional business insurance policies were simply not created to cover the types of risks most commonly associated with cyber insurance.

Therefore, many insurance experts will argue that cyber insurance policies are still in their infancy and a lot of work needs to be done when it comes to standardizing coverage and making sure that insurance carriers are able to support the needs of modern businesses. Not only that, education is important in order for businesses to understand the threat of cyber attacks and the seriousness of these types of threats.

A very recent report from insurers Hiscox claims that seven out of 10 firms do not have a quality cyber security strategy in place.

There is, however, no doubt that the cyber insurance space will continue to grow rapidly and offers will certainly be expanded and customized. Also, as is the case with most other types of insurance offers, cyber insurance policies are evolving towards more industry-specific solutions and becoming less general.

Who Needs Cyber Insurance?

We strongly encourage all our clients to consider the value of cyber insurance, especially if they handle or use digital information.

One of the first topics we cover with many new cyber insurance buyers is the business’s regulatory or contractual responsibility with regards to customers’ personal information. If your business stores customers data such as names, addresses, credit card information, Social Security numbers, and more, on any type of computer system on or offline, then there is a regulatory obligation to keep that data secure, and therefore, a higher price tag in the event of a breach.

Many are surprised to learn the real costs associated with a breach. According to a Ponemon report from 2017, cyber attacks cost small and medium-sized businesses an average of $2.235 million. On top of that, the study showed that 60 percent of the businesses that were polled said that attacks are becoming more severe and more sophisticated each year.

Additionally, if your business’s revenue stream has any contact with European consumers or businesses, then the recently implemented General Data Protection Regulation (GDPR) likely applies to you. Many US-based businesses have already taken measures to be GDPR compliant but that doesn’t mean your insurance has followed suit.

What Does Cyber Insurance Cover?

Cyber insurance is as dynamic as the companies it protects and is consequently far from standardized. However, some of the issues that cyber liability insurance typically covers include:

Data loss, recovery, and recreation
Business interruption/ loss of revenue due to a breach
Computer fraud
Loss of transferred funds
Cyber extortion

Important note: Errors and omissions insurance is not cyber insurance and cannot serve as a substitute for proper cyber insurance, even if the E&O policy has a technology error rider.

If hackers expose or steal personal information, such as Social Security numbers, driver’s’ license number (in some states), address, and bank account information, a cyber liability insurance policy pays for:

Notification costs: This expense is significant because the company bears the burden of both identifying potential victims, which requires an internal investigation, and providing notification that’s reasonably calculated to give actual notice.

Credit monitoring: In effect, your cyber insurance policy pays for victims’ insurance policies. Regulators usually dictate the kind of credit monitoring to provide and it’s a safe bet they will not be satisfied with the cheapest available protection.

Civil damages: Most of these liability lawsuits are class actions, with hundreds of thousands of dollars in damages at a minimum, even for a very small company.

Computer forensics: This covers costs to hire computer forensics consultants working under the direction of your attorneys to determine whether a data breach occurred, to contain and prevent further damage, and to investigate the cause and scope of the breach.

Cyber insurance companies also have a duty to defend policyholders from related administrative actions or liability lawsuits. Additionally, most policies also provide resources that help policyholders design cost-effective and robust security and data encryption protocol. To further minimize liability risk, consider addressing BYOD (bring your own device) procedures.

Highly-Publicized Examples of Cyber Insurance at Work

Cyber Insurance Costs

It’s best to shop for this type of insurance by coverage as opposed to cost. Your company’s sophistication and ability to avoid an incident and coverage limit are the two biggest factors in determining premium costs, as well as revenue and number of unique PII or PHI records stored or maintained on the insured’s systems.

The good news for those seeking cyber coverage is that the insurance market is a buyers’ market in 2019. There are several dozens of insurers that are competing for your business.

Getting Started

Naturally, there are also things that you can do as a company to will help reduce the risk of attacks and breaches, such as making sure that your employees are receiving regular training and instructions on what they need to do to maintain security and what types of things they need to keep an eye out for – things that could tip them off to a potential attack.

For the easiest, most stress-free way to buy business insurance that is tailored to the specific needs of your business, get started by creating an Embroker account or reach out to our team of expert brokers. We’re here to help!

A Short History of Cyber Insurance

Unsurprisingly, cyber insurance emerged onto the insurance scene recently as a result of the fact that other traditional business insurance policies were simply not created to cover the types of risks most commonly associated with cyber insurance.

Therefore, many insurance experts will argue that cyber insurance policies are still in their infancy and a lot of work needs to be done when it comes to standardizing coverage and making sure that insurance carriers are able to support the needs of modern businesses. Not only that, education is important in order for businesses to understand the threat of cyber attacks and the seriousness of these types of threats.

Who Needs Cyber Insurance?

We strongly encourage all our clients to consider the value of cyber insurance, especially if they handle or use digital information.

One of the first topics we cover with many new cyber insurance buyers is the business’s regulatory or contractual responsibility with regards to customers’ personal information. If your business stores customers data such as names, addresses, credit card information, Social Security numbers, and more, on any type of computer system on or offline, then there is a regulatory obligation to keep that data secure, and therefore, a higher price tag in the event of a breach.

Many are surprised to learn the real costs associated with a breach. According to a Ponemon report from 2017, cyber attacks cost small and medium-sized businesses an average of $2.235 million. On top of that, the study showed that 60 percent of the businesses that were polled said that attacks are becoming more severe and more sophisticated each year.

Additionally, if your business’s revenue stream has any contact with European consumers or businesses, then the recently implemented General Data Protection Regulation (GDPR) likely applies to you. Many US-based businesses have already taken measures to be GDPR compliant but that doesn’t mean your insurance has followed suit.

What Does Cyber Insurance Cover?

Cyber insurance is as dynamic as the companies it protects and is consequently far from standardized. However, some of the issues that cyber liability insurance typically covers include:

Cyber Insurance Costs

It’s best to shop for this type of insurance by coverage as opposed to cost. Your company’s sophistication and ability to avoid an incident and coverage limit are the two biggest factors in determining premium costs, as well as revenue and number of unique PII or PHI records stored or maintained on the insured's systems.

The good news for those seeking cyber coverage is that the insurance market is a buyers’ market in 2019. There are several dozens of insurers that are competing for your business.

Getting Started

Naturally, there are also things that you can do as a company to will help reduce the risk of attacks and breaches, such as making sure that your employees are receiving regular training and instructions on what they need to do to maintain security and what types of things they need to keep an eye out for - things that could tip them off to a potential attack.

For the easiest, most stress-free way to buy business insurance that is tailored to the specific needs of your business, get started by creating an Embroker account or reach out to our team of expert brokers. We’re here to help!