Cyber security insurance- What is it and why do I need it?

What is cyber security insurance?

Does your business maintain electronic records with personal data on your clients?  Is your company prepared to absorb the significant financial implications associated with an unauthorized breach of that data?  Could a virus cripple your PC network?  If so, do you have enough cash reserves to make up for the downtime or can you survive the loss of buisness.

If you can’t answer any of these questions, it may be the right time to call us and ask about cyber security insurance.  In case you’re wondering, that’s a catch-all term for policies that cover hacked computers, virus attacks, denial-of-service attacks, web content liability and other technology-related areas.    Cyber security also goes by e-commerce, e-buisness, information security, cyber risk, network security or hackers insurance.

As a business owner, you know that electronic records and data are just as valuable, if not more valuable, than paper or hard-copy documents. Although not physical in nature, electronic data is nonetheless “essential” in all aspects of your business activities and has intrinsic value.

Cyber security insurance is designed for the protection of intangible data.  It can be easily explained as coverage for professional errors and the risks of doing a business on the Internet or working with a network system.  If you are automated, then you are susceptible to the threat of a breach of your systems, yoru data and your trust.  Anyone who is running a business (or someone who is just starting out) really needs to consider this coverage as much as they would consider any other aspect of their business insurance needs.

Why should I consider cyber security insurance for my business?

Here are a few examples of why you need and should consider cyber security insurance:

  • Costs you could incur to make the proper mandatory notifications to your customers if a breach in your system occurs. Many states have mandatory notifications requirements which require business owners to properly notify their customers when a security breach has occurred.  Some states also require these business owners to provide their customers with free credit reports for a year, which can become quite costly.
  • Misuse of any information, which is either confidential or subject to statutory restrictions on its use. Do you have any personal or confidential data on your system that a hacker would want and could gain unauthorized access too?
  • Defamation. You, as a company, have a direct responsibility for what is on your website.  Companies also can be held responsible for their employees’ e-mail content.
  • Transmission of a virus.  Did you know that a company could be held liable if a third party contracts a virus from your company’s website or e-mail, and as a result, that third party suffers a loss as a direct result of that virus?
  • Legal costs incurred in the defense action for loss.  Don’t forget about the costs involved just to defend a company when a third party accuses or sues because of the harm or lost revenue caused to their company by your systems breach.

 Is there anything else I can do to reduce my cyber security risk exposure?

You can reduce your risk by:

  • installing audit features that monitor log on and log off activities;
  • providing warnings that unauthorized users may be subject to monitoring and prosecution;
  • developing and implementing a trap and tracing mechanism with your local telephone company;
  • implementing systems that identify outside callers;
  • reporting significant security breaches to relevant governmental agencies;
  • implementing policies and guidelines regarding the use of computing and information;
  • encouraging employees to use encryption technologies, if appropriate. and
  • implementing security upgrades when they become available.

Some states require you to notify each individual that has been affected due to a breach of your data.  Small- to medium-sized businesses represent prime attack targets for many hackers, who favor highly automated, repeatable attacks against these more vulnerable targets.

What does a cyber security policy usually include?

  • Legal liability for damages to third parties, caused by a breach of network security;
  • coverage for loss caused by an administrative or operational error;
  • breach of privacy coverage for damages resulting from alleged violations of HIPAA, state and federal privacy protection laws and regulations;
  • customer notification expense reimbursement (policy sublimit will be set);
  • public relations expense coverage;
  • comprehensive business interruption expense coverage; and
  • cyber extortion reimbursement coverage.

Call us for further details

“Choosing insurance is a tremendous responsibility, and we are delighted to assist in that process. We consider your needs personally, and intelligently.”