Evaluating the risk of a cyberattack for your industry and the related costs of data recovery and legal expenses can help you determine how much cyber liability insurance your small business needs.
Cyber liability insurance helps you financially survive the costs of data breaches and cyberattacks. Any small business owner with a computer and an Internet connection faces a certain level of cyber risk, as cyber criminals can target them with phishing, malware, and ransomware attacks.
Cyber liability insurance not only provides coverage for the cost of recovering from a data breach, but also provides assistance with the lawsuits that often result. Your legal costs could include attorney’s fees, court-ordered judgements, and settlements.
Additional costs may include:
The amount of cyber liability coverage you need depends on your business, your industry, and the type of personal information or customer data you handle.
If your company stores personally identifiable information (PII) on its computers, you could face expensive lawsuits and government fines over stolen data. PII includes full names, Social Security numbers, driver’s license numbers, bank account information, credit card information, and email addresses.
Most small businesses purchase a cyber liability insurance policy with a $1 million per-occurrence limit, a $1 million aggregate limit, and a $1,000 deductible. If a data breach costs a business about $250 per client or customer record, this coverage limit will be high enough to protect any business that handles a few thousand records.
Your risk is especially high if you handle any records that fall under the Health Insurance Portability and Accountability Act (HIPAA), which set national standards for protecting personal information and reporting compromised data. HIPAA violations can result in hefty fines.
If your company handles data that may put it at higher risk, purchasing a cyber liability policy with higher coverage limits may be a smart option. Many policies have a maximum coverage limit of $5 million, but you can discuss your need for more coverage with your insurance provider.
It’s important to analyze the type of data your company handles and consider the costs you’d face after a breach. Keep in mind that cyber insurance policies can protect you against both first-party and third-party damages.
Your cyber insurance coverage may include first-party liability protection, third-party liability coverage, or both.
First-party cyber liability insurance protects your own business from the direct financial costs that a data breach or cyberattack can have on your business. This includes recovering data, notifying customers, and providing credit monitoring services for affected customers.
Third-party cyber liability insurance addresses legal costs if a client experiences a data breach and sues your business for failing to prevent it. This coverage is especially important for those who are responsible for cybersecurity, including IT consultants and network security companies. A client might sue them after a data breach and claim that the tech company failed to protect their data.
A per-occurrence limit is the maximum that your insurance company will pay for a single covered loss under the terms of your policy.
An aggregate limit is the maximum a policy will pay out for all claims during a policy period, which is usually one year.
The amount of cyber liability coverage independent contractors need depends on the type of work they do, who their clients are, and if they handle any data that they need to protect.
While it’s not likely that an independent contractor would need first-party cyber liability coverage, they might need third-party cyber insurance to protect themselves from lawsuits.
This is especially true if a client deals with PII, such as medical records. In fact, some clients that handle sensitive data require their contractors to have third-party liability coverage to assure them that you can pay for a cyber liability lawsuit if your work results in a data breach. Client contracts most often require a $1 million per-occurrence limit.
In today’s litigious society, a contractor could face expensive legal defense costs after a data breach, even if they were not at fault.
If your clients handle sensitive data, you may want assurance that they can handle a lawsuit or other data breach costs. It may be wise to encourage your clients to purchase cyber liability insurance, or even require it before you take on a risky project.
If you require that a client purchase cyber liability insurance in a work contract, you can specify the amount of coverage. Cyber liability policies have limits that range from $1 million to $5 million or more. This way, if a data breach occurs, you can potentially avoid legal costs by ensuring that your clients have the means to cover the cost of a data breach themselves.
You might be able to add cyber liability coverage (also known as data breach insurance) to a business owner’s policy (BOP), which combines general liability insurance and commercial property insurance under one policy, usually at a lower cost than if both policies were purchased separately.
General liability insurance covers common business risks such as a customer being injured, damage to a customer’s property, and advertising injury. Commercial property insurance covers business property damage and theft.
Third-party cyber insurance is often included in errors and omissions (E&O) insurance. E&O insurance covers the cost of a lawsuit if a client accuses you of failing to deliver on a contract or making a mistake. In the IT field, this bundle is also known as technology errors and omissions insurance, or tech E&O.
Complete Insureon’s easy online application today to compare insurance quotes from top-rated insurance carriers for cyber policies. Once you find the right policy for your small business, you can begin coverage in less than 24 hours.