Does your cyber insurance have business interruption coverage?

Blog headshot of Cyrus Vanover
As the saying goes, "time is money," and when data breaches and other issues stand in the way of doing business, they can add up to real dollars lost. Find out how business interruption coverage in cyber insurance can minimize the impact of an interruption.
A cybersecurity consultant reviews a client's cyber policy with them

Cyber risk is something that all small businesses should be concerned about.

Each year, millions of records are stolen and used for identity fraud, extortion, and other devious reasons to gain a business edge against competitors.

The effects can be devastating. In 2023, the average financial damage from a cyberattack was $4.45 million, and nearly 43% of all cyber threats targeted small businesses.

To protect themselves, many businesses purchase cyber insurance policies, which provide critical cybersecurity support to help them get back on their feet after an attack. Not all cyber insurance coverage is the same though, and some policies may not offer business interruption coverage for lost revenue after an attack.

There are a few important things you should know about this type of coverage to help you find the best policy for your needs.

Get cyber insurance for your business with Insureon
Small business owner looking for insurance quotes on their tablet.

What is cyber insurance?

According to a study by IBM and the Ponemon Institute, it can take an average of 241 days to resolve a cyberattack if the affected business discovers it. It can take up to 320 days to resolve if the hacker discloses it. Businesses can suffer significant downtime and financial damage during and after an attack.

Cyber insurance protects small businesses from data breaches, ransoms, and other business risks. It provides financial and other support to help them resume operations.

There are two types of cyber coverage: first-party and third-party. Many businesses have both types of coverage.

First-party coverage

First-party coverage is for the direct losses and expenses a business incurs from a cyberattack.

Some things first-party cyber liability insurance may cover include:

  • Data recovery from a server outage
  • Lost income from business interruption
  • Ransomware payments
  • Vulnerability assessments
  • Business reputation management

Third-party coverage

Third-party coverage is for claims made by third parties after a cyberattack, such as personal information for a client or customer.

For example, if customer information is hacked and used for fraudulent purposes, one or more victims could sue the business for compensation.

A third-party cyber insurance policy may cover:

  • Legal fees
  • Financial settlements
  • Lawsuit judgments

How can a cyberattack lead to business interruption?

There are several ways that a cyberattack can interrupt a business’s operations. It can cause significant productivity delays and other issues as the business works to restore its systems, which can lead to:

Loss of sales

Many businesses rely on sophisticated computer networks, point-of-sale (POS) systems, databases, and other technologies. A cyberattack can disrupt these systems, which may interrupt business operations.

If a POS system goes down, for example, the business may not be able to make any sales. Or, if servers are affected, the business may not be able to operate online services or communicate effectively.

To further complicate things, an attack on one system could affect other systems, resulting in a domino effect that spreads throughout the organization and causes a widespread system failure.

Labor inefficiencies or breakdowns

A cyberattack could result in significant problems with getting things done. Many manufacturing companies, for example, rely on machinery and computer systems that are software-controlled. If these systems are targeted in a cyberattack, it could shut down production.

Work may continue if a business is able to switch to manual operations, but the production rate may be decreased, or it may cause production errors.

Employee overtime

Employees may have to work long hours after a cyberattack to make sure the production rate stays on target, especially if additional training is needed to learn new systems or adjust to new security protocols.

Customer service may also have to work longer hours to address questions and complaints from affected customers. This could result in significant employee overtime and a decrease in job satisfaction if workers don’t have sufficient time off.

Loss of customer trust

If a cyberattack makes the news, customer trust could be severely damaged, which could decrease revenue. Professional reputation management services may be needed to help it recover. This could be costly, and it could also divert management's attention from regular business operations.

You may also like
Factory burns and emits black cloud of smoke.
What's your business continuity plan?
Most companies can't survive a long interruption after a disaster strikes, but a business continuity plan can prop up your business until you're back in action.

Can my cyber insurance cover a business interruption?

A cyber insurance policy provides coverage for several things, which may include business interruptions.

Business interruption coverage provides compensation for income losses, the cost of relocating to temporary facilities, and other expenses that may be incurred when normal business activities are interrupted due to a ransomware attack or other cyber event.

It’s an important lifeline that can help business owners weather the storm and quickly return to normal operations.

Network business interruption coverage isn’t something you should skip. Depending on the severity of the attack, it could take a while to recover. If your business doesn’t have network interruption insurance, you may not be able to pay your employees, make your note payments, and pay for other business expenses. The financial losses could force your business to close.

It’s important to keep in mind that not all cyber insurance policies offer business interruption cyber insurance. Be sure to carefully review your policy or one you are considering to make sure it includes this type of coverage.

What other insurance coverages do I need to protect against business interruptions?

Another type of coverage you should consider to protect your company from business interruptions is an electronic data processing (EDP) policy. It can protect your business's electronic data processing equipment and the data it contains from a localized or systemic failure.

It covers physical damage to your computers, backup systems, software, smartphones, and tablets, as well as data loss from a fire, power surge, or natural disaster. It also covers damage or data loss from a security breach involving malware, ransom payments, denial of service, and other malicious cyberattacks.

Equipment breakdown coverage is one more type of policy that can help you recover from a business interruption. It will help your business pay for machinery or equipment repairs if they break down or if you experience an electrical failure.

Equipment breakdown coverage protects your company's production machinery, electrical systems, computer equipment, and other business equipment.

Get cyber insurance for your business with Insureon
Small business owner looking for insurance quotes on their tablet.

Know your cyber insurance policy

Understanding what a cyber insurance policy covers can help you find the right coverage for your needs. Not all policies are the same, which is why it’s important to compare them to make sure you get the right coverage.

Here are some things to consider as you review and compare policies:

Coverage limits

A coverage limit is the maximum amount that insurance companies will pay for something. Once a limit is reached, the policy will no longer pay for any additional claims.

Policy coverage limits may be for a specific period, which is usually one year and starts over when the policy renews. Coverage limits could also be per-occurrence or for certain coverage areas.

Insuring clause

This is something you want to pay close attention to because it outlines the specific things the policy covers in a cyber incident. For example, it may state that it includes coverage for legal fees, data recovery, ransomware payments, and other things.

Definitions and exclusions

This clause clarifies what is and what is not covered. It provides clear definitions of terms to help you determine coverage. It will also state specific things that are excluded from coverage, like intentional acts or a failure to maintain backups.

Waiting period and recovery period

The waiting period refers to the period of time that must pass before coverage applies. For example, a policy that covers business interruptions may have a 24-hour waiting period after an attack.

The recovery period refers to how long a business can receive compensation after an attack. If a policy has a 60-day recovery period, for example, the business may be compensated for up to 60 days.

Retention

Retention is very similar to a deductible. It refers to the amount the policyholder must pay per incident before the policy pays. With a deductible, the amount that a policyholder must pay is typically for a policy period instead of per incident.

You may also like
Small business owner reviewing notes with a client.
How much cyber insurance do I need?

Evaluating the risk of a cyberattack and the related costs of data recovery and legal expenses can help you determine how much cyber liability insurance your small business needs.

What is contingent business interruption coverage and do I need it?

Contingent business interruption coverage (CBI) is insurance your business needs if it shares resources with a third party — like a supplier or service provider.

The resource could be an online collaboration tool, an inventory management system, or something else. Although CBI sounds similar to cyber insurance business interruption coverage, they protect your business in different ways.

CBI covers losses to the policyholder incurred when a third party experiences a cyber event affecting a shared resource. For example, if you share a database with a supplier that experiences a cyberattack, CBI will protect your business if the database is affected.

Get the right coverage to protect your business with Insureon

Finding the right cyber insurance policy for your needs and budget is easy with Insureon. Just fill out our easy online application to receive free quotes from trusted providers.

Our expert insurance agents are available to answer any questions and help you find affordable small business insurance for your needs. Most businesses can get same-day coverage and easily download a certificate of insurance as proof of coverage right away.

Cyrus Vanover, Contributing Writer

Cyrus is a finance and insurance writer who is passionate about helping people and businesses succeed. He is also the author of the book "Earn a Debt-Free College Degree." He has written for some of the largest financial institutions in the country including TD Bank, Citizens Bank, and many credit unions. Cyrus has also contributed to Newsweek. Based in the Blue Ridge Mountains of Virginia, he enjoys hiking the local trails and exploring old Civil War battlefields and other historical sites in his spare time.

Get business insurance quotes from trusted carriers

What kind of work do you do?