Suddenly, your website is inaccessible. Down. Dead. It looks like your website has been DDoS'd (denial-of-service attack), and now your visitors can't access the information on your website or worse: Be unable to purchase items from your web server. Another possibility is that if you have a hole in your web server that hasn't been patched, they may be able to access personal data (think names, SSNs, credit card information, etc.).
Cyber Liability Insurance could protect your small business from cyber attacks such as these.
In 2011, the average cost of a data breach for a business was $5.5 million (that's $194 per compromised record!). Causes of data breaches were the following:
- 24% System Glitches
- 37% Malicious Attacks
- 39% Negligent Insiders
Many small businesses may ask the question: Why does my small business need Cyber Liability Insurance? Lets go over the basics & see if this type of coverage works for you.
1. It's cheaper than you might believe
Cyber Risk Insurance a relatively new type of coverage with a lot of variation among policies depending on the type of business you run. If you have most of your bases covered (dependable hosting, strong password protection, firewalls, anti-virus protection, etc.), you can probably earn quite a few discounts much like a 'good-driver' discount. When you are getting cyber risk insurance, make sure to ask your agent if you apply for any discounts.
2. Even if you don't host your own website, you are still liable for any damage that occurs
This also includes any crucial data that is lost when it is stored in the cloud. One of the most reliable web hosting service, EC2, which is owned and run by Amazon permanently destroyed some customer data. When the system went down, it took down some sites of high-profile companies for hours, and some even days, in addition to destroying cloud data files in the process. EC2 is still widely known as one of the most reliable, redundant online storage systems in the world.
3. A General Liability Insurance policy won't cover you
Most General Liability Insurance policies do not cover any losses due to the Internet (many specifically list this). Cyber liability also typically covers any devices that are damaged due to a cyber attack or an error by a host. Try to think of cyber liability insurance as an add-on to your General Liability Insurance. This is due to what must be performed when a system is compromised. Typically, this includes costs such as notifying your customers of the breach, investigating what was breached, credit monitoring, litigation, and government fines. That doesn't even include the cost of lost customers & brand damage.
4. 72% of all Data Breaches occurred in small or medium sized businesses
According to the U.S. Secret Service & Verizon Communications, a whopping 72% of online attacks were targeted at small or medium sized businesses. Most of these attacks could have been prevented by utilizing typical data security practices such as practicing strong password protection & having email spam filters to sift out the bad links passed in phishing email scams. Strong password protection includes using special characters (! @ # $ % ^ & * ( or )) and also very important: password length & the use of upper and lower case characters. Additionally, conducting a PEN test (or, Penetration Test) on your equipment can help.
Now that we've gone over the reasons to have Cyber Liability Insurance for your small business, lets look at what the best practices are to avoid a data breach:
- Assess risks by identifying and classifying confidential information
- Educate your employees about data security procedures & policies
- Implement data loss prevention & protection technologies
- Hire a security company to assess any other risks