Cyber insurance is an important coverage to have in your business insurance policy. You’ve no doubt heard or read a story about the impact of cyber breaches on large multi-national corporations, governments or charities that result in tens of millions of clients, citizens or donors being affected. Despite these types of high-profile cases, many businesses are still unclear as to whether their business insurance policy covers cyber risks or they feel that cyber insurance coverage is not something they need.
We’d like to help clear up some of the misconceptions that are out there about cyber insurance coverage by looking at questions we often hear from our customers.
“Aren’t I protected from cyber risk exposures with my general liability insurance policy?”
This is a common misconception among business owners. Many assume their current insurance policy covers cyber through property or liability coverages, but that often isn’t the case. Data isn’t considered a tangible property so it’s typically excluded under a property policy. Damages from loss or corruption of electronic data, loss of income resulting from a computer virus or malware or DDoS attack, and certain expenses like extortion expenses are not covered under traditional liability or property policies. Only cyber insurance coverage protects you from those unique risks.
“We’re not a mega-corporation, so do we really need cyber insurance coverage?”
Cyber insurance is more than coverage against malicious hackers and cyber criminals – it also covers human error and losses caused by employees. A 2016 report sponsored by IBM and conducted by the Ponemon Institute on the cost of data breaches in Canada found that while most breaches were the result of a malicious attack, 25% of them were still due to negligent employees or contractors1. What’s more, a 2016 report from Symantec found that small and medium sized businesses are increasingly becoming a target. Data collected from 2011 to 2015 shows a steady increase in cyber attacks on businesses with fewer than 250 employees2. Small and medium sized businesses can be ideal targets for cyber criminals as these businesses don’t have the same resources and budgets dedicated to training and prevention as large corporations do.
“Can’t I manage on my own without needing cyber insurance coverage?”
Ask yourself: Do you have an incident response plan, disaster recovery plan and a business continuity plan? Unfortunately, many businesses don’t. Dealing with a cyber breach can be expensive and cyber insurance coverage is designed to help cover the costs associated with the breach. Beyond the direct costs of dealing with and recovering from a cyber attack or data breach, there are also other costs that are harder to calculate.
The untold impact of a data breach is the reputational damage it can cause your business. Customers are equally worried about the security and privacy of their data when dealing with businesses. A 2016 research report by FireEye found that 76% of respondents would likely stop purchasing from a company if they felt their data wasn’t handled properly3. If a privacy incident is not properly handled, it can be devastating to the survival of your business.
If you’re still not sure about cyber risk coverage, contact us. We can help you determine exactly what you need to ensure your business is protected.
1June 2016, Ponemon Institute’s 2016 Cost of Data Breach Study Canada Page 8
2Symantec 2016 Internet Security Threat Report page 44
This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information. Terms, conditions and exclusions apply to coverage, see policy for details.