Most small businesses have insurance to protect against burglaries and theft, but few have insurance coverage for cybercrimes. Yet, cybercrimes are a far greater threat than burglaries.
According to Forbes Magazine, small businesses are three times more likely to be the target of cyber attacks than large companies. Inc.com reports that 60% of small businesses that suffer from a cyber attack go out of business within 6 months after the attack. That’s significantly greater than the risk from a burglary. In 2021, New York businesses reported $560 million in losses from cyber attacks.
We get it. You own a small business. You don’t have the money to afford the extensive cyber defense systems a bank such as Citi can afford. And even if you could afford such defenses, companies like Citi and Microsoft lose money from data breaches.
Obviously, you can not protect yourself against cyber threats any more than you can change the weather. But you have insurance covering you for business losses from extreme weather events. You need coverage for cyber attacks, too.
Here, we will answer a few of the questions you may have, such as:
- What cyber liability insurance is
- What types of businesses need cyber liability coverage
- What cyber insurance covers
- Factors determining the premiums for cyber coverage
- Some tips to protect your business
- Some of the latest statistics involving cyber crimes
What Is Cyber Liability Insurance?
Cyber liability insurance, sometimes called data breach insurance, is a type of business insurance that can reimburse you for various expenses related to cyber breaches. It doesn’t cover losses covered by other types of insurance, like general liability.
Who Needs Cyber Liability Insurance?
Unless you’re running a cash-only Amish food business with no internet connection, you probably need cyber liability insurance. Ask yourself if your computers handle any of the following types of sensitive data:
- Customer’s credit and debit card information
- Customer bank account information
- Patient’s health information
- Social security numbers
- Driver’s license data
- Customer contact information
- Other customer’s personal information
It’s hard for a company with customers and computers not to fall within one of these categories. In New York City, you probably have customers that are especially attractive targets for cybercriminals.
In 2018, the New York Times ran a story on the Marriott data breach asserting that the attack was part of a larger effort by a foreign government to target Americans with security clearances.
New York City has many federal government workers based in town. It’s also home to the United Nations. It’s easy to see why New York businesses are an attractive target for cyber attacks. How does this affect you if you’re operating a small accounting firm?
Financial considerations are a key part of security clearances. Many federal government employees have security clearances. As an accountant or financial planner, you may have sensitive financial information about some people that have security clearances on your computers.
Foreign intelligence agencies like to target government workers that struggle financially since they’re more likely to accept bribes. The information on your computers may help these malicious governments identify who they can pay for national security information.
What Does Cyber Liability Insurance Actually Cover?
Depending on your policy, cyber liability insurance can cover you for losses related to the following:
- Ransomware attacks
- Investigation of a data breach
- Fixing security flaws
- Notifying customers of the security breach
- Paying for affected customers’ consumer and fraud monitoring services
- Paying fines if you’re not in compliance with industry standards
- Hiring a public relations firm to repair your reputation
- Legal fees for lawsuit defense
- Lawsuit settlements and judgments
- Lost income from your computers being offline
Cyber liability insurance does not cover all issues involving your computers. For example, if an employee shows another employee pornography on their computer. This pornography may offend the second employee, resulting in a sexual harassment claim.
Though this scenario involves a computer, it might be covered by your employment practice liability insurance (EPLI) instead of your cyber liability policy.
Common Types of Cyber Liability Claims
The cost of identity theft is the most common claim customers bring against companies suffering from a data breach. This usually involves criminals using your customers’ credit card numbers to make purchases for themselves.
Consumers aren’t the only ones that may bring claims against you for a data breach. Other businesses may pursue you. For example, if you’re running an IT security firm and your mistake allowed the data breach, expect your clients to file lawsuits.
The same issue arises with small manufacturers. Sometimes, a breach at a firm can expose the data of other companies within the supply chain. Businesses affected by lapses in security at your business will want compensation from you.
How Much Does Cyber Insurance Cost?
The same choices that affect premiums for all insurance policies impact your cyber insurance premiums — the coverage limits and the deductibles. Other factors considered when setting your premium rates include:
- The nature of your business
- The number of employees you have
- The amount and nature of sensitive information you keep on your computers
- The level of cyber security you have in place
Consider a credit counseling firm versus a deli. The credit counseling firm probably keeps social security numbers, driver’s license information, and credit card information of their customers. The deli probably only has credit card information when a customer swipes their card at the cash register. All else being equal, the credit counseling firm will probably have a higher premium.
Companies with more employees pay higher premiums because there are more people available to make a costly mistake. It only takes one employee opening the wrong email to infect your entire computer network.
Don’t Fall Victim to the Cost of Not Having Cyber Liability Insurance
As mentioned above, the majority of the time, small businesses that suffer a cyber attack will be out of business within six months. You need the right insurance coverage to prevent this.
2022 Cyber Attack Statistics and Trends
Cyber attacks were up sharply in 2021, and this trend has continued into 2022. Forbes Magazine reports cyber criminals can penetrate 93% of business computer networks.
The chart below shows how much cyber crimes increased between 2020 and 2021 for some industries that have many small businesses.
The data for this chart is from a survey by Check Point software.
These industries include small businesses like:
- Doctors’ offices
- Metal fabrication shops
- Insurance brokerages
- Financial consultants
Remember that small businesses are three times more likely to attract cyber criminals.
What Can I Do to Protect My Business?
It’s a good idea to have a three-pronged cyber defense strategy. First, work hard to prevent a breach. That means having good protection software and firewalls. You can’t afford to hire your own cyber security department. But it’s a good idea to consult a cyber security firm when deciding what preventive measures to take. Some of our policies provide cyber security coaches and teams for you.
Second, have your office network perform daily backups. Ideally, these backups will be to local storage and the cloud. This way, you’ll be able to restore the most recent data before the attack.
Many companies follow such practices, but that isn’t enough to ensure protection since 93% are vulnerable to hackers. So the best tool to limit your risk is cyber liability insurance. To get the best coverage, you must work with an insurance brokerage that understands cyber risks. You need a broker that has access to products from many carriers so they can help you find the right fit.
Reach out to Honig Conte Porrino today. You can call our Manhattan office at (212) 777-7113. We’ll find the right cyber liability insurance for your business. You’ll rest much easier knowing your company has complete protection from cyber attacks.