What is cyber liability insurance?
- Cyber liability insurance
Cyber liability insurance can pay for expenses if a small business suffers a data breach or malicious software attack, including customer notification, credit monitoring, legal fees, and fines.
When do businesses need cyber liability insurance?
When criminals infiltrate a network, steal data, or hold data hostage, the business they steal from could be held liable. A data breach at a small business can end up costing thousands of dollars in customer notification expenses, attorney's fees, and fines or settlements.
In fact, the average cost of a small business data breach is $86,500, according to the internet security firm Kaspersky Labs. The coverage included in cyber liability insurance pays these costs, allowing your company to survive a breach.
Small businesses are a common target for cyberattacks
Many business owners assume hackers won’t target their small business, but a recent report by Verizon found that 61% of all cyberattacks hit small businesses. These attacks are often successful since small businesses are less likely to have a strong defense.
Hackers often target retailers, healthcare organizations, and financial service providers, but any business can fall victim to a data breach. Cyber liability insurance is a key policy for companies that handle sensitive information, work in the cloud, or operate in cybersecurity.
Businesses that purchase this policy typically handle:
- Credit card or bank account information
- Medical information
- Social Security or driver license numbers
- Customer names, email addresses, phone numbers, and addresses
- Cybersecurity for other businesses
First-party versus third-party cyber liability insurance
There are two types of cyber liability insurance. First-party coverage helps cover expenses when your network is hacked or your data is stolen. Third-party coverage offers protection when a client sues your company for failing to prevent a breach at the client's business.
First-party cyber insurance can cover:
- Cyber extortion payments
- Hiring an expert to investigate the breach and assist with regulatory compliance
- Notifying affected customers
- Customer credit and fraud monitoring services
- Crisis management and public relations
- Business interruption expenses, such as the cost of hiring additional staff, renting equipment, or purchasing third-party services
Third-party cyber insurance can cover:
- Legal defense costs
- Settlements if you and the client settle out of court
- Judgments you're legally obligated to pay after a data breach
- Other court costs
Examples of data breaches
Cybercrime is a multibillion-dollar industry. Security firms constantly struggle to stay one step ahead of hackers looking for lucrative victims. Even with careful security measures in place, catastrophic data breaches can, and do, occur.
Here are a few examples:
- In May 2015, CareFirst BlueCross BlueShield had 1.1 million records compromised after hackers gained access to a database that members use to interact with the company's website and services.
- In March 2016, hackers stole the information of about 1.5 million customers from Verizon Enterprise Solutions.
- In May 2017, the WannaCry ransomware cryptoworm struck worldwide. It encrypted data and demanded ransom payments in Bitcoin.
- In July 2017, Equifax experienced a massive data breach that compromised the personal information of 143 million Americans.
Cyber liability insurance costs
Cyber liability insurance can be an affordable option for a small business. Several factors affect policy costs, including:
- Amount of sensitive data handled
- Your industry
- Coverage limits
- Number of employees