How much does your cyber liability insurance cover?
You'd think that a behemoth retail chain like Target would have an insurance policy befitting its size, and before the 2013 data breach, its cyber insurance limits probably seemed high enough. But the figures for 2014's cleanup costs are in, and it looks like Target's policy only covered a fraction of its data breach expenses.
Here is a rundown of Target's expenses, courtesy of report by Advisen:
- 2013: $61 million total; insurance covered $44 million
- 2014: $191 million total; insurance covered $46 million
- Total data breach expenses so far: $252 million
- Total covered by insurance so far: $90 million
- Total Target paid out of pocket: $162 million
Though $90 million seems like a lot of coverage, it's not much of a salve when faced with a $162 million hit to Target's bottom line. Plus, the data breach costs are still rolling in, so $252 million isn't the final count.
What's driving these costs? You may have heard that several banks are suing Target over the cost of replacing customer credit cards, but that's just the start of Target's money hemorrhage. Other costs stem from:
- Investigating the breach
- Repairing security weaknesses
- Complying with breach notification requirements
- Offering credit-monitoring services for breached customers
- Hiring a legal defense team to respond to lawsuits
- Curbing reputational damage through PR measures and advertising
Target's cyber insurance can help cover these costs, but the policy's limits aren't high enough to bear the majority of the costs. The good news is that Target's misfortune can be a learning opportunity for your business. Let's take a look at some ways you can ensure your cyber liability insurance policy's limits are appropriate for your risk.
Choosing adequate insurance limits: How high is too high?
Your best bet for getting adequate insurance coverage is to work with an insurance agent. And that's not our bias talking. An experienced insurance agent can help you…
Understand your risks
Evaluating your exposures is best left to the pros unless you have a preternatural knack for data breach risk analysis. Even then, it never hurts to have an objective party weigh in. At insureon, our agents are trained by the industry, which gives them firsthand insight into your field's most pressing risks.
Match policies to your risks
Once your agent has assessed your risks, they find insurance policies designed to address those exposures. For data breach protection, your agent may point you toward one of two cyber risk insurance policies: first-party response or third-party defense coverage. First-party response handles data breach notification costs, security repair expenses, and reputational damage costs. Third-party defense coverage can address lawsuits related to the breach if you were responsible for building the security infrastructure that was compromised.
Find adequate insurance limits
If you choose limits that are too high, you'll probably pay an arm and a leg for coverage you don't necessarily need. Choose limits that are too low, and you'll be in Target's situation: uninsured at a time when you need coverage most. Good thing your agent is an insurance whisperer and can help you pick limits that appropriately address your level of risk.
Take advantage of money-saving options
For example, if you qualify for a business owner's policy (BOP), your agent may recommend adding cyber liability insurance to your bundle. That way, you can reduce your insurance spending and still get adequate data breach protection. Read more about that here: "Want data breach insurance? Try putting it in your BOP."
Compare quotes from trusted carriers with Insureon
Complete Insureon’s easy online application today to compare insurance quotes from top-rated U.S. carriers. Once you find the right policy for your small business, you can begin coverage in less than 24 hours.