L&T Blog

Why Cyber Liability Insurance is Vital to Keep Your Company Running

October 10, 2019

How safe is your business?

Reports of cyberattacks are commonplace with no industry left untouched. In 2018, 765 million people in the second quarter alone were affected by corporate data breaches and cyberattacks – with losses surpassing tens of millions of dollars, according to global digital security firm Positive Technologies. That’s 47 percent more compared to the same period in 2017.

Cyber thieves have come to realize that a company’s proprietary information – from private customer information to confidential employee files – are a treasure trove. For businesses, these attacks can be devastating, leaving companies who haven’t implemented a cybersecurity insurance plan as part of their risk management strategy crippled.

From notification costs and legal fees to lost income and fines, out-of-pocket costs can drain corporate coffers. In 2017, businesses spent an average of $11.7 million in response to a data breach – a 23 percent increase from 2016, according to Accenture.

As the threat of cyberattacks continues to rise, insurance coverage has evolved to keep pace with the changes. We have been counseling businesses to adopt cyber liability insurance to protect their digital assets, just as business insurance protects against physical risk.

Standard commercial insurance policies don’t cover cybersecurity risks

There’s a misnomer among businesses that a standard commercial insurance policy is all a company needs, but nothing can be further from the truth. A standard commercial insurance policy does not protect in the instance of a cyber breach of any sort.

Commercial insurance policies are written to specifically insure against injury or physical losses and typically do not protect from cyber theft, which can include harmful system failures, business interruption, cyber extortion, damages to a third-party system and more.

Some commercial policies go so far as to explicitly exclude electronic data, eliminating any coverage for claims based on the loss, damage, corruption or inability to use company data.

Cyber liability insurance is often confused with technology errors and omissions (tech E&O) insurance. Tech E&O policies are intended to protect software and hardware manufacturers, technology services providers, web designers and other similar firms that store data on an off-site basis. Cyber liability coverage is meant for a broader market, providing protection for companies in virtually any industry that transmit and store electronic data, from education and healthcare to retail and manufacturing.

Expanding coverage to the digital world

The results of a cybersecurity incident are far-reaching with the potential to affect a company’s reputation and day-to-day business for months if not years as they work to mitigate the impact.

Cyber liability insurance, a relatively new offering in the insurance world, covers a business’ liability for a data breach, providing monetary relief for the expenses associated with responding to a breach. Among the potential costs:

·        Business income and extra expense: Expenses and/or lost income as a result of a full or partial shutdown of your computer system because of a hacker attack, virus or other insured event.

·        Loss of data: Cost to restore or reconstruct data that was lost or damaged due to a virus, hacker attack or other covered cause.

·        Associated costs: Costs associated with a data breach, including the cost of notifying affected customers as required by law and providing credit monitoring to affected customers.

·        Cyber extortion: Costs associated with an extortion threat or ransomware.

·        Crisis management: Cost of hiring public relations, legal and/or computer forensics consultants to help manage investigations, community and media outreach, and other related matters.

Cybersecurity provides protection, peace of mind

It’s not a matter of if a business will be attacked, but when. No company, regardless of size, is immune to the dangers of a cyberattack.

Businesses using electronic data of any kind – from credit card information and medical records to email and social media – should add a layer of protection with cyber insurance offerings. In addition to protections should the worst happen, cyber risk management can give companies:

·        Trusted advice from insurance experts on how to to increase security and close safety gaps in an effort to reduce the likelihood of a breach.

·        Peace of mind that the company will be covered financially if a breach occurs.

·        The ability to assure customers that their data is protected, and respond swiftly and effectively to a breach.

Cyber risk management can help identify security risks, suggest procedural changes to mitigate attacks or work with forensic professionals to investigate a breach that has already occurred. Getting the right protection well ahead of time ensures companies and their business lifelines are protected.

Learn more about our business insurance, and how your organization can protect itself from potential cyberattacks.