You’ve no doubt heard or read a story about the impact of cyber breaches on large multi-national corporations, governments, or charities that affect tens of millions of clients, citizens, or donors. But despite these types of high-profile cases, many businesses are still unclear as to whether their business insurance policy covers cyber risks, or they feel that cyber insurance coverage is not something they need.
Cyber insurance is an important coverage to have in your business insurance policy. We’d like to help clear up some of the misconceptions that are out there about cyber insurance coverage by looking at some frequent questions from business owners.
“Aren’t I protected from cyber risk exposures with my general liability insurance policy?”
This is a common misconception among business owners. Many assume their current insurance policy covers cyber risks through property or liability coverages, but that often isn’t the case. Data isn’t considered a tangible piece of property, so it’s typically excluded under a property policy.
Damages from loss or corruption of electronic data, loss of income resulting from a computer virus or malware or DDoS attack, and certain expenses like extortion expenses are not covered under traditional liability or property policies. Only cyber insurance coverage protects you from those unique risks.
“We’re not a mega-corporation, so do we really need cyber insurance coverage?”
In a poll conducted by The Insurance Bureau of Canada in 2019, nearly one in five business have been affected by a cyber attack or data breach in the last two years. Half of the small business owners that were surveyed reported that they believe that their business may be vulnerable to a cyber security attack.
A 2018 report sponsored by IBM and conducted by the Ponemon Institute reports that year over year, the cost and average size of a data breach have all increased. No matter the size of the business, once customers find out about a data breach, this impacts customer trust and may lead to losing business as a result.
If data breaches are on the rise, and nearly half of current small business owners believe that they may be vulnerable to a cyber breach, it seems more important than ever that small and medium businesses have cyber insurance coverage.
“Can’t I manage on my own risks without needing cyber insurance coverage?”
Ask yourself: Do you have an incident response plan, disaster recovery plan, and a business continuity plan? Unfortunately, many businesses don’t. Dealing with a cyber breach can be expensive and cyber insurance coverage is designed to help cover the costs associated with the breach.
Beyond the direct costs of dealing with and recovering from a cyber attack or data breach, there are also other costs that are harder to calculate. Of the businesses that reported a cyber security incident in 2017, 58 per cent experienced downtime as a result of the incident and 54 per cent found the event prevented employees from carrying out day-to-day work, according to Statistics Canada. Meanwhile, 53 per cent reported that the cyber attacks prevented the use of resources or services (for example, desktop computers or email).
The untold impact of a data breach is the reputational damage it can cause your business. Customers are equally worried about the security and privacy of their data when dealing with businesses. If a privacy incident is not properly handled, it can be devastating to the survival of your business.
We can help
To learn more about our insurance offerings, and how they can help your business, visit our business insurance page today. We can help you determine exactly what you need to help ensure your business is protected, so you can continue to work worry-free.
This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information. Terms, conditions and exclusions apply to coverage, see policy for details.