Why do you need Cyber Liability Insurance?
If you collect any sort of personal or company information, have a “login” feature on your site, integrate with another company’s systems in any way, have clients who rely on your programs or software in their operations, have employees who could fall for a phishing scam, generate online content such as blog posts or even simply rely heavily on email communications, you need cyber liability insurance.
The average total cost of a data breach in 2015 was $4,000,000 and the average cost per individual record that was lost was $158 (IBM).
Criminals are only responsible for a portion of these data breaches. IBM and Ponemon determined that half of all data breaches in the US were caused by mistakes! 23% can be attributed to negligence and 27% to system error.
87% of cyber claims come from companies with under $2B in revenue, according to one NetDiligence report.
A typical data breach involves the failure of a security feature or unauthorized access to an entire database. This means that thousands of users’ data will be compromised rather than just a handful. It’s pretty easy to see how a breach of this nature opens your company up to more than just a simple lawsuit. More realistically, you’ll be looking at a class action suit. These are a whole lot more expensive to defend against.
What is Cyber Liability Insurance?
Cyber liability insurance is designed to protect companies against lawsuits from third parties and fines and penalties from regulators. The goal of these policies is to address the risk exposure created by various electronic activities, the most common of which being the collecting or storing some kind of PII.
This is a relatively new type of policy and the coverage available seems to grow every year. In the past, a policy might have only protected you against lawsuits from victims and fines from government agencies. Now policies are expanding to capture some of the other expenses.
Today it is not unusual to find policies that will pay for crisis management consultation, forensic investigation into the source of the breach, guidance in public messaging from a PR firm and notification and credit monitoring services for affected users. If your system or software has been compromised, data restoration services can be costly — cyber policies can pay this bill after a covered loss. Last but not least, the right insurance product will reimburse you for income lost and payroll spent during the time when your systems were down and you were unable to operate.
Some newer policies even include coverages like dependent business income (for when your service provider suffers an attack and you lose money as a result) and social engineering (e.g. spear phishing).
As soon as a single PII record is compromised, various state and federal privacy laws will kick in to make sure you play by the rules and take responsibility for the lost data. But this policy isn’t just about paying the cost of a legal defense.
Having a cyber insurance policy in place means that, if the worst does happen, you’ll have a crisis management partner who will walk you through what you need to do to minimize the financial impact to you and the broader impact to the people and organizations affected.
How it Works
“Didn’t overwhelm us with paperwork and didn’t try to sell us to buy insurance that a tech startup doesn’t need. Definitely will recommend to any startup!
“Being able to work closely with someone on our insurance needs is incredibly important!” _________________________________________
“Great mix of old-school customer service with awesome use of technology to make the process as seamless as possible.” _________________________