Cyber Insurance
Protection from data breach & hacking incidents
Can't find your industry?
200,000+ Businesses Served
A+ Better Business Bureau Rating
Our customer rating on Feefo is 4.6/5 stars
Most Innovative Insuretech

Cyber Liability Insurance

What Is Cyber Liability Insurance?

Cyber Liability Insurance helps businesses survive data breaches and cyber attacks by paying for recovery expenses. When cybercriminals infiltrate a network, hold data hostage, or acquire sensitive data, the company they steal from can be held liable for the incident. That's where Cyber Insurance comes in. It can often pay for customer notification, credit monitoring, legal fees, and fines after a business experiences a breach.

Without Cyber Liability Insurance coverage, these costs can be overwhelming. A report from Internet security firm Kaspersky Labs claims the average cost of a small business data breach is $86,500. And while many small-business owners think they're not targets for hackers, the opposite is actually true. According to Property Casualty 360, 62 percent of all cyber attacks hit small- and mid-sized businesses.

Why are cybercriminals attracted to small businesses? First, they like to go where the money is, and many small-business owners…

  • Accept credit cards.
  • Store customer information.
  • Conduct business online or in the cloud.

On top of that, small-business owners are less likely to have a strong defense against hackers.

If these things are true for your business, you could face a data breach and all the costs that go with it. But with Cyber Liability coverage, you have the funds to recover, rebuild, and restore your customers' faith.

The average cost of a small business data breach is $38,000.

What Does Cyber Liability Insurance Cover?

For many small businesses, Cyber Liability Insurance is available both as a standalone policy and as an add-on to a Business Owner's Policy.

The two major types of Cyber Liability Insurance are first-party and third-party. First-party coverage can help cover expenses when your network is hacked or your data is stolen.

Third-party coverage offers protection when a customer or partner sues you for allowing a data breach to happen (either because of something you did or failed to do). Depending on your needs, you may choose either or both types of coverage.

First-Party vs. Third-Party Cyber Liability Insurance

The type of data breach insurance you need depends on the work your business does. Below are key things to keep in mind when considering which type of Cyber Liability Insurance to buy.

First-party response may cover…

  • Legal and forensic services to determine whether a breach occurred and to assist with regulatory compliance.
  • Notification of affected customers and employees, including costs such as letter preparation and mailing.
  • Customer credit and fraud monitoring services.
  • Crisis management and public relations to educate your customers about the breach and rebuild your company's reputation.
  • Good faith advertising.
  • Business interruption expenses, such as costs for additional staff, rented or leased equipment, or use of third-party services.
  • Cyber extortion reimbursement for credible threats to introduce malicious code, to pharm and phish customer systems, or to corrupt your computer system.

Third-party defense and liability may cover…

  • Judgments, civil awards, or settlements you're legally obligated to pay after a data breach.
  • Electronic media liability, including infringement of copyright, domain name, trade name, service mark, or slogan on an intranet or Internet site.
  • Potential coverage for employee privacy liability as well as network security and privacy liability.

Who Needs Data Breach Insurance?

Many small-business owners may not think they need Cyber Liability coverage, but small businesses are vulnerable to security threats. You may want to have this protection if your business handles…

  • Customer payment, credit, or bank account information.
  • Medical information.
  • Social Security or driver's license numbers.
  • Customer names, email addresses, phone numbers, and addresses.

Retailers, healthcare organizations, and financial service providers (like accountants) are especially hot targets for breaches and attacks. But all it takes is one employee mistake, unauthorized access by a former employee or vendor, an unshredded document, a skilled hacker, or a stolen laptop to trigger a breach. It can happen to any business, so cyber insurance is a smart safeguard.

Free eBook Download

Retailers are a top target for hackers. Download the free eBook Data Breaches and Retail: A Guide for Small-Business Owners for tips on how to protect your shop.

Examples of Recent Data Breaches

Online criminal activity has steadily increased with the spread of Internet usage, and security firms are in a constant struggle with hackers to stay one step ahead. Even with careful security measures in place, catastrophic data breaches can, and do, occur.

Here are some recent examples:

  • In January 2014, as many as 110 million Target customer records were compromised.
  • In April 2014, the security bug known as Heartbleed was discovered in the OpenSSL cryptography library. OpenSSL is software used by many websites to provide secure, encrypted data transfer for customers and businesses. This bug allowed user data to be accessed by other, non-authorized parties. Such data included usernames, passwords, and encryption keys.
  • In August 2014, the New York Times reported that Russian hackers had gathered more than a billion Internet passwords.
  • In May 2015, CareFirst BlueCross BlueShield had 1.1 million records compromised after hackers gained access to a database that members use to interact with the company's website and services.
  • In March 2016, hackers stole the information of about 1.5 million customers from Verizon Enterprise Solutions.

Minimizing Your Cyber Liability Exposure

If your customers' sensitive information is compromised, there's a good chance they'll opt out of doing business with you in the future. Similarly, potential customers who hear about the security breach might be less likely to work with your firm. Cyber Liability Insurance can help you minimize the negative impact of a data breach by offering the resources you need to act quickly.

But it's best to think of your cyber insurance as a last line of defense. Be proactive and reduce the likelihood of a data breach before it happens.

  • Keep sensitive information on a "need to know" basis. Use passwords or physical locks to keep sensitive electronic data and physical files accessible only to those who need them to do their jobs.
  • Deploy extensive network security and firewalls. If you have remote employees, limit the use of portable technology and provide a virtual private network (VPN) connection for access to company computers.
  • Train employees on proper care and control of customer data. Ensure employees understand the sensitivity and liability related to customers' financial and personally identifiable information. Document processes and conduct regular training sessions as well as security audits to ensure compliance.

Cyber Liability Insurance: Further Reading