This spring, cybercriminals shut down the Colonial Pipeline Company for five days. They demanded a $4.3 million ransom and cut off almost half the supply of oil to the U.S. East Coast. Another group attacked JBS, the world’s largest meat processor. They forced the shutdown of nine beef plants and disrupted production at poultry and pork plants.
Network hacks and data breaches are rampant! Cyber liability insurance is an essential part of your risk management plan.
If companies as sophisticated as these can be infiltrated, your business is vulnerable too.
That’s why cyber liability insurance is a key coverage for a whole host of reasons, from phishing attacks to email spoofing to wire fraud. Today we’re diving into two main coverages you should consider: ransomware and PCI compliance.
Understanding Ransomware and PCI Compliance
Help, my data’s being held for ransom!
The biggest issue here is not the loss of data, it’s your loss of its use.
Ransomware attacks shut down your networks. You’re left unable to conduct any business until you pay the ransom, weeks or months later.
Does your business rely on a network?
Whether a small retail store or a large office, you are at risk.
Your risk increases with hybrid/remote workers as you cannot control their home networks to ensure necessary safety compliance.
With the right cyber liability policy, the insurance company can step in and negotiate a release of your data. Often, they’ll pay the ransom, cover loss of income and the forensic team to prevent future attacks. This brings us to the second concern, data breaches.
What happens when your business has been hacked?
Help, my customer database has been hacked!
Payment Card Industry (PCI) regulation was designed to ensure that any company that accepts, processes, stores, or transmits credit card information will maintain a secure environment.
Companies are held liable if customers’ personal data is stolen.
The law requires you to notify customers and provide a year of free credit monitoring to anyone who was potentially harmed. That can get very expensive, very quickly.
Even if you’ve hired a third-party vendor to handle incoming payments, you’re still liable. Those contracts are carefully written to shield the vendor from responsibility.
If the vendor gets hacked and your customers are affected, you’re on the hook if your customer is harmed or decides to sue.
How can Cyber Insurance protect your business?
Cyber liability can save your business
With the right cyber liability insurance, the insurance company will step in and defend you in any lawsuit, pay the settlement, and make the customer whole for any losses experienced.
A single data breach could result in a massive legal bill. Realistically, it could mean the difference between keeping your business open – or not.
Then there’s the expense of hiring a forensic team.
They’ll figure out who was hacked, how far into your system the hackers got, what they took, and if they left any Trojan horses behind to make future attacks possible.
Some cyber liability carriers will include coverage for forensic cyber analysts to root out those issues.
Not all cyber liability policies are created equal.
What are your cyber concerns? Leaks of your customers’ personal information from your third-party vendor? A ransomware attack that shuts you down for a month?
It’s crucial to work with a broker who understands cyber liability, knows the marketplace and the carriers, and understands your business. Some carriers will provide only the basics for PCI compliance notification; others will provide more in-depth coverage for lawsuits and ransom payments.
A few moments and a few dollars spent with your broker now can protect your bottom line and the future of your company.